Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit
The Zerologon exploit is a way for a nefarious person to escalate privileges within a system and gain access to other systems and files. It takes advantage of the Windows Server Netlogon Remote protocol and authentication to capture session data to escalate the exploit further.
Although the Emergency Directive only applies to those federal agencies, we strongly recommend that state & local government, the private sector, and the American public also apply this security update as soon as possible. More info: https://t.co/O303PodUon #NetSec 2/2
— Cybersecurity and Infrastructure Security Agency (@CISAgov) September 19, 2020
This sort of governmental reaction is alarming but not surprising given its scope. The Common Vulnerability Scoring System (CVSS) has the Zerologon exploit rated at a 10, which is the highest severity rating it could receive. While the government is expediting fixes, companies and organizations should heed the warning of the emergency directive and update their systems too. This exploit is not something you want to find out about the hard way.