Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of ZeroLogon - Critical Vulnerability in Netlogon
Alerts

Active Exploitation of ZeroLogon - Critical Vulnerability in Netlogon

15 September 2020

Microsoft issued a security update in August 2020 to address a critical vulnerability in its Netlogon Remote Protocol (CVE-2020-1472). The exploit code for this vulnerability is now publicly available, and there are reports of active exploits taking place.

Successful exploitation of the vulnerability could allow attackers to gain domain administrator access to an exposed Active Directory server and perform malicious activities.

Administrators are strongly advised to patch your systems to the latest version immediately.

For more information, refer to:

https://us-cert.cisa.gov/ncas/current-activity/2020/09/14/exploit-netlogon-remote-protocol-vulnerability-cve-2020-1472

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472

https://www.secura.com/blog/zero-logon

Back to top