1 min read

Microsoft Vulnerability: Unpatched Domain Controllers Remain Vulnerable

Microsoft Vulnerability: Unpatched Domain Controllers Remain Vulnerable

With most businesses operating with a hybrid onsite & remote workforce, new vulnerabilities are putting critical data and systems at risk.  Harbor will continue to monitor the cybersecurity newsfeeds and provide you with relevant information.

On September 18th, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) released an emergency directive (Emergency Directive 20-04) that focuses on a vulnerability affecting the Microsoft Windows Netlogon Remote Protocol. For context, Microsoft Windows Netlogon is the Microsoft Active Directory service that authenticates users and other services within an organization’s domain.

The addressed vulnerability allows for an unauthenticated attacker to compromise the active directory identity services of an organization should they have network access to a domain controller. Should this vulnerability be exploited against your organization, the attacker could gain domain administrator privileges by changing the Active Directory password, which could cause devastating amounts of damage.

To mitigate this risk, CISA recommends (and require for all government agencies and contractors) that organizations update all Windows Servers with the domain controller role. The update they are referring to is the August 2020 Security Update. If the domain controller(s) cannot be updated, it should be removed from the network. Organizations should also ensure that there are plans in place to check that all domain controller servers are updated before they are reconnected to the organization’s networks.

Along with the linked CISA page about the vulnerability above, you can find information from Microsoft as well using this link: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472.

How to Tackle Cybersecurity Challenges in Flexible Work Settings

How to Tackle Cybersecurity Challenges in Flexible Work Settings

As flexible work environments become the new norm, safeguarding company data against advanced cyber threats is critical. You can learn how to...

Read More
Effective Cybersecurity Measures for Industrial Environments

Effective Cybersecurity Measures for Industrial Environments

In an increasingly digital world, safeguarding manufacturing environments from cyber threats is more critical than ever.

Read More
How does Microsoft Sentinel improve security for small businesses?

How does Microsoft Sentinel improve security for small businesses?

Discover how Microsoft Sentinel can be a game-changer for your small business's cybersecurity strategy.

Read More