US Homeland security is requiring network admins to immediately patch their Windows Server 2008 and above (including Windows 10 Server)  after the Zerologon vulnerability started spreading in the wild which can compromise a server in as little as 3 seconds.

The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol, which among other things can be used to update computer passwords. This flaw allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf.

By forging an authentication token for specific Netlogon functionality, hackers are able to call a function to set the computer password of the Domain Controller to a known value. After that, the attacker can use this new password to take control over the domain controller and steal credentials of a domain admin.

CISA has issued Emergency Directive 20-04, which instructs the Federal Civilian Executive Branch agencies to apply August 2020 security update (CVE-2020-1472) for Microsoft’s Windows Servers to all domain controllers.

CISA has directed government servers by patched by this Monday, the 21st September, but also strongly urged their partners in State and local government, the private sector, and the American public to apply this security update as soon as possible.

If the servers cannot immediately apply the update, they urge companies to remove relevant domain controllers from their networks.

Samsung Galaxy S20+ 5G with 128GB storage smartphone is available for just $996.27, down from its original price point of $1,199.99. This deal is available only for today, so if you want to …

­You can now get a huge $300 discount on the purchase of the Core i7 Surface Pro 7. The Surface Pro 7 with i7 processor, 16GB RAM, and 256GB storage is now available at a price point of $20…

Apple recently launched the Apple AirPods Pro for $250, but on occasion, it is possible to grab a pair at a considerable discount. The AirPods Pro features Active Noise Cancellation and much…

Lack of ports is one of the downsides of the thin and lightweight laptops and the same holds true for Microsoft’s Surface devices. Nevertheless, lack of ports in Surface devices is not…

Samsung Galaxy S20+ 5G with 128GB storage smartphone is available for just $1047.79, down from its original price point of $1,199.99, while the Galaxy S20 5G is down to $849.99(was $999.99)….

If you’re on the lookout for a portable, light-weight, slim mice for traveling purposes, Microsoft Arc Mouse is worth considering. The Microsoft Arc Mouse is pocket friendly and has a …

While there are only a few companies that offer premium quality earbuds, it’s still a difficult task to find the right pair that fits your needs. Apple is one of the top brands that yo…

Samsung Galaxy S20 Ultra packs many exciting features and, of course, it’s the most premium model in the S20 lineup. The S20 Ultra is also Samsung’s first smartphone to have a re…

If asking digital assistants to play music, answer questions, read stories, and tell jokes is your thing, then Amazon Echo Dot is definitely a great product and in many aspects, it’s even …

HP is starting its annual Labor Day sale early, which means you do not have to wait till the 7th to get great deals on laptops, desktops, monitors, printers and more. Highlights include $240…

Source: https://mspoweruser.com/windows-server-vulnerability/

Microsoft Windows, United States Department of Homeland Security, Computer security, Microsoft Corporation, Windows Server, Vulnerability, Computer

World news – CA – Homeland Security warns of major Windows Server vulnerability which “requires immediate attention” – MSPoweruser

En s’appuyant sur ses expertises dans les domaines du digital, des technologies et des process , CSS Engineering vous accompagne dans vos chantiers de transformation les plus ambitieux et vous aide à faire émerger de nouvelles idées, de nouvelles offres, de nouveaux modes de collaboration, de nouvelles manières de produire et de vendre.

CSS Engineering s’implique dans les projets de chaque client comme si c’était les siens. Nous croyons qu’une société de conseil devrait être plus que d’un conseiller. Nous nous mettons à la place de nos clients, pour aligner nos incitations à leurs objectifs, et collaborer pour débloquer le plein potentiel de leur entreprise. Cela établit des relations profondes et agréables.

Nos services:

  1. Création des sites web professionnels
  2. Hébergement web haute performance et illimité
  3. Vente et installation des caméras de vidéo surveillance
  4. Vente et installation des système de sécurité et d’alarme
  5. E-Marketing

Toutes nos réalisations ici https://www.css-engineering.com/en/works/

LEAVE A REPLY

Please enter your comment!
Please enter your name here