One Year Later, a Look Back at Zerologon

Dark Reading -

Microsoft’s Patch Tuesday for August 2020 addressed 120 vulnerabilities, including two zero-days and one elevation-of-privilege flaw in the Netlogon remote protocol that initially flew under the radar for many.

Over the following months, that Netlogon vulnerability quickly became the primary focus among security teams. The flaw became a component of advanced persistent threat (APT) toolkits and became the subject of an alert from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which later issued an Emergency Directive requiring executive branch departments and agencies to apply the fix.

One year after its initial release, we take a look back at why the bug was first overlooked, what makes it so dangerous, and how it has been weaponized by threat groups around the world.

CVE-2020-1472, now known as Zerologon, had a CVSS 3.0 score of 8.8 when it was released on Aug. 11, 2020. That’s high for a privilege

The post One Year Later, a Look Back at Zerologon first appeared on Dark Reading.

Read More.....