(DirectSourceNews.org) The Cybersecurity and Infrastructure Security Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical vulnerability— CVE-2020-1472—affecting Microsoft Windows Netlogon Remote Protocol.  An unauthenticated attacker with network access to a domain controller could exploit this vulnerability to compromise all Active Directory identity services.

Earlier this month, exploit code for this vulnerability was publicly released.  Given the nature of the exploit and documented adversary behavior, CISA assumes active exploitation of this vulnerability is occurring in the wild.

ED 20-04 applies to Executive Branch departments and agencies; however, CISA strongly recommends state and local governments, the private sector, and others patch this critical vulnerability as soon as possible.  Review the following resources for more information:

Published on www.STL.News

Published on UltimateHost.Domain

Published on RemotePC.Repair

Published on DSNNews.net

Source link

Author: Editor
Editor represents multiple online news sites, including STL.News, RSSNews.Press and more. As a media company offering website hosting, design and SEO we create the news sites in part to illustrate our "search engine friendly" web hosting and design services. In addition, we believe that our "direct source news" concept helps provide accurate information to the public without bias.