Security Advisory: Microsoft Windows Netlogon Remote Protocol
Incident Report for Green Cloud Defense
Resolved
The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive (ED) 20-04 (https://cyber.dhs.gov/ed/20-04/)addressing a critical vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access to a domain controller could exploit this vulnerability to compromise all Active Directory identity services.

Microsoft first addressed the Netlogon Elevation of Privilege Vulnerability on 8/11/2020 in its Security Update Guide. CISA and Microsoft suggest applying the documented patches and updates as soon as possible due to this vulnerability's nature. For more information and details, please see CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability (https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1472#ID0EN).

https://us-cert.cisa.gov/ncas/current-activity/2020/09/18/cisa-releases-emergency-directive-microsoft-windows-netlogon
Posted Sep 21, 2020 - 12:04 EDT
This incident affected: Security.