- CISA is aware of active exploitation of Netlogon bug
- A remote attacker can exploit the vulnerability to breach unpatched Active Directory domain controllers and obtain domain administrator access
- Agency urges admins to applyi patches from Microsoft’s August 2020 Security Advisory for CVE-2020-1472
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory urging businesses to patch a critical vulnerability in the Microsoft Netlogon Remote Protocol. The reason? Malicious actors have knitted together some exploit code for it.