|
Patch reliability is unclear. Unless you have an immediate, pressing need to install a specific patch, don't do it. |
Newsletter Archives
-
Yes, you do need to patch sooner or later
You know how I say that there’s no reason to patch as soon as the patches come out — but you need to patch sooner or later?
Those of you running Windows Server as a domain controller just showed the rest of us how important that “sooner or later” can be.
Microsoft patched CVE-2020-1472 last month. The security hole was (and still is) described as “2 – Exploitation Less Likely,” thus not of immediate concern. It wasn’t publicly disclosed or exploited at the time (it wasn’t a zero-day). If you followed along with the MS-DEFCON system (which, admittedly, isn’t designed for admins with Windows Server domain controllers) you would’ve installed the patch late last month or early this month.
Good for you.
Yesterday,the Dutch security company Secura B.V. released a full report of the security hole – and it’s a doozy. Catalin Cimpanu at ZDNet has a thorough description:
According to Secura experts, the bug, which they named Zerologon, takes advantage of a weak cryptographic algorithm used in the Netlogon authentication process.
This bug allows an attacker to manipulate Netlogon authentication procedures and:
- impersonate the identity of any computer on a network when trying to authenticate against the domain controller
- disable security features in the Netlogon authentication process
- change a computer’s password on the domain controller’s Active Directory (a database of all computers joined to a domain, and their passwords)
There are limitations to how a Zerologon attack can be used. For starters, it cannot be used to take over Windows Servers from outside the network. An attacker first needs a foothold inside a network.
However, when this condition is met, it’s literally game over for the attacked company.
It’s a bad one. But you got your Server patched a couple of weeks ago, yes?
It’s rare to have a security hole erupt this quickly – although it does happen. We still haven’t seen widespread attacks. But it’s only a matter of time.
Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Recent Topics
-
advice for setting up a new windows computer
by 3 hours, 48 minutes ago
-
It’s Identity Theft Day!
by 26 minutes ago
-
Android 15 require minimum 32GB of storage
by 8 hours, 37 minutes ago
-
Mac Mini 2018, iPhone 6s 2015 Are Now Vintage
by 8 hours, 47 minutes ago
-
Hertz says hackers stole customer credit card and driver’s license data
by 9 hours, 17 minutes ago
-
Firefox became sluggish
by 6 hours, 11 minutes ago
-
Windows 10 Build 19045.5794 (22H2) to Release Preview Channel
by 13 hours, 16 minutes ago
-
Windows 11 Insider Preview Build 22635.5235 (23H2) released to BETA
by 13 hours, 44 minutes ago
-
A Funny Thing Happened on the Way to the Forum
by 9 hours, 15 minutes ago
-
Download speeds only 0.3Mbps after 24H2 upgrade on WiFi and Ethernet
by 10 hours, 39 minutes ago
-
T-Mobile 5G Wireless Internet
by 2 hours, 37 minutes ago
-
Clock missing above calendar in Windows 10
by 3 hours, 11 minutes ago
-
Formula to Calculate Q1, Q2, Q3, or Q4 of the Year?
by 1 day, 4 hours ago
-
The time has come for AI-generated art
by 8 hours, 34 minutes ago
-
Hackers are using two-factor authentication to infect you
by 18 hours, 14 minutes ago
-
23 and you
by 1 day, 1 hour ago
-
April’s deluge of patches
by 4 hours, 47 minutes ago
-
Windows 11 Windows Updater question
by 5 hours, 15 minutes ago
-
Key, Key, my kingdom for a Key!
by 2 days, 10 hours ago
-
Registry Patches for Windows 10
by 2 days, 14 hours ago
-
Cannot get line length to NOT wrap in Outlining in Word 365
by 1 day, 21 hours ago
-
DDU (Display Driver Uninstaller) updates
by 1 day, 6 hours ago
-
Align objects on a OneNote page
by 2 days, 20 hours ago
-
OneNote Send To button?
by 2 days, 21 hours ago
-
WU help needed with “Some settings are managed by your organization”
by 3 days, 5 hours ago
-
No Newsletters since 27 January
by 1 day, 10 hours ago
-
Linux Mint Debian Edition 7 gets OEM support, death of Ubuntu-based Mint ?
by 2 days, 6 hours ago
-
Windows Update “Areca Technology Corporation – System – 6.20.0.41”
by 2 days, 4 hours ago
-
Google One Storage Questions
by 1 day, 12 hours ago
-
Button Missing for Automatic Apps Updates
by 1 day, 20 hours ago
Remembering Woody
