Unpatched Domain Controllers Remain Vulnerable to Netlogon Vulnerability, CVE-2020-1472

Original release date: September 24, 2020The Cybersecurity and Infrastructure Security Agency (CISA) is aware of active exploitation of CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon. A remote attacker can exploit this vulnerability to breach unpatched Active Directory domain controllers and obtain domain administrator access. Applying patches from Microsoft’s August 2020 Security Advisory for CVE-2020-1472 can prevent exploitation of this vulnerability. CISA has released a patch validation script to detect unpatched Microsoft domain controllers. CISA urges administrators to patch...