Critical Info — Zerologon Vulnerability Requires Immediate Security Patch Updates
A recently discovered threat targeting Windows Servers, called Zerologon, allows any device connected to a network to obtain domain admin rights with no authentication required. The flaw presents a specially crafted network command to the environment servers, bypassing user login information. The attacker will have the ability to take control of the Domain Controller and obtain domain administrator permissions (highest level security rights).
Once the attacker has obtained domain administrator permissions they can do anything they want in the environment. This vulnerability has already been weaponized into a script that any attacker can easily run once in a client environment, which makes this threat very serious.
Microsoft has released a patch for Domain Controllers to eliminate the vulnerability and it has been applied to all YeoCare clients. YYTECH strongly encourages all clients to apply this patch as soon as possible. Please contact your YYTECH representative if you have any questions about how to apply the patch.
Contact YYTECH if you have any security questions regarding Zerologon.