Samba Issues Patches for Zerologon Vulnerability


The Samba team has released patches for a critical-severity elevation of privilege vulnerability impacting the Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Also referred to as Zerologon and tracked as CVE-2020-1472, the security issue was addressed on August 2020 Patch Tuesday and can be triggered when an adversary connects to a domain controller using a vulnerable Netlogon secure channel connection.

An attacker can leverage a specially crafted application on a device connected to the network to exploit the vulnerability and gain domain administrator access.

On Friday, the DHS issued an Emergency Directive requiring all federal agencies to address the flaw within three days, deeming it an “unacceptable risk to the Federal Civilian Executive Branch.”

Read more…