Microsoft Warns: Active Zerologon Attacks Target Windows Servers
Microsoft has warned of active attacks exploiting the Zerologon vulnerability, affecting Windows Servers 2008, 2012 R2, 2016, and 2019. Users are urged to apply patches immediately.
The Zerologon vulnerability, identified as CVE-2020-1472, was exploited by a Dutch team who published an exploit on September 11, 2020. Microsoft has since released patches for affected systems.
Qualys has provided a remote check for the vulnerability with QID 91680, and MITRE has released a new QID to monitor related threats. Microsoft's Microsoft 365 can identify vulnerable Windows systems and prioritize remediation, while Qualys' Microsoft 365 can rapidly deploy relevant patches.
With active attacks ongoing, users are advised to review their Microsoft Windows installations and apply the necessary patches without delay. Microsoft has provided step-by-step patching instructions to assist users. A complete list of affected devices is available on Microsoft's August 2020 security advisory.
Read also:
- Belarus Launches First Accredited Cybersecurity Center
- Bridge the IT-Security Divide with Qualys VMDR for ITSM: A New Application to Streamline Your IT and Security Operations
- Italy passes AI legislation addressing privacy concerns, supervision, and kid-safe access
- East Asian countries should be cautious, as scamming operations are moving towards the region - it's high time we stay vigilant. - Phar Kim Beng
