Microsoft patches Zerologon attack bug

Zerologon attack

One of the most severe bugs ever detected and reported to Microsoft was patched recently. The infamous bug was capable of easily taking control of the Windows Servers active as domain controllers in the enterprise networks. The bug worked by taking advantage of an unsecure and weak cryptographic algorithm deployed in the Netlogon authentication routine.

Read More: AI’s importance in enterprise IT

It was named as CVE-2020-1472 and patched as part of the August 2020 Patch Tuesday. It is considered an elevation of Netlogon privilege, the security protocol that allows clients against domain controllers.

The liability had been marked with the maximum severity score of 10; however, no official details were announced.

Source: Zdnet