Microsoft had published fixes for the security hole known as Zerologon in the patch Tuesday August 2020. However, many system administrators only became aware of the real danger after a recent publication in which the technical background of Zerologon (CVE-2020-1472) was described in more detail. The vulnerability is extremely dangerous and has the highest CVE rating of 10. It allows Windows domain controllers to be taken over and thus also allows the installation of special programs, allowing the attacker to take over the domain.
All Windows Server operating systems from the already discontinued version Windows Server 2008 R2 are affected. Should one of these operating systems run as domain controller on your system, please contact us. Microsoft has already published updates which close this gap and protect your system against this kind of attacks.
Do you have questions about the security gap? Our experts will be happy to provide you with advice and discuss the necessary steps with you.
+49 (541) 1395-94