Blog
home
  • Register

Data Net Blog

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security

The Cybersecurity and Infrastructure Security Agency (CISA) has released an emergency directive concerning a critical exploit known as Zerologon, that affects servers running Windows Server operating systems that needs to get patched as soon as possible.

What’s the Exploit and Who Does It Affect?

The vulnerability in the CISA’s emergency directive affects all supported Windows Server operating systems. It’s been named Zerologon, and If left unpatched, it could allow an unauthenticated threat actor to gain access to a domain controller and completely compromise your network’s Active Directory services. The vulnerability gets its name because all the hacker has to do is send a series of Netlogon messages with the input fields filled with zeroes to gain access. 

Once in, this essentially gives the hacker a lot of control over your network, and it’s a publicly available exploit (since Microsoft has released a patch for it) which means cybercriminals will be taking advantage of it. The attacker doesn’t need any user credentials to use this exploit.

If your business network is running Windows Server, you need to have updates applied to your servers to ensure that this vulnerability is patched. If you aren’t actively keeping all the devices on your network maintained with the latest updates and security patches, you are essentially leaving the front door wide open.

The Department of Homeland Security (the parent department of the CISA), has issued a directive for all government agencies in the United States that they have until today (September  21st) to apply the patch, to prevent giving hackers control over federal networks. This means all state and local government agencies are required to apply this today and report back to the CISA. Not having this patch installed will also affect other compliance standards throughout other industries, and of course, leave your business and your data at high-risk of a breach. It is highly recommended to apply this patch today, as soon as possible, regardless of the industry you are in. We can’t stress this enough. Apply this patch as soon as humanly possible.

The Good News

If you have an active managed IT services agreement with Data Net that covers the maintenance of your Windows Servers, you have likely already received the patch, or will be having it installed today. The patch was released by Microsoft as part of their August 2020 Patch Tuesday Update.

If you don’t have an agreement with us, or you aren’t sure if your agreement covers fixing the Zerologon vulnerability, we urge you to reach out to us by calling (760) 466-1200. This is definitely not something you want to risk.

The Department of Homeland Security and the US Cybersecurity and Infrastructure Security Agency don’t issue emergency directives casually. This needs to be taken seriously for all businesses and organizations.

If you need help, or you are unsure about how to protect your organization from the Zerologon vulnerability, don’t hesitate to reach out to Data Net at (760) 466-1200.

Tip of the Week: Technology Etiquette as You Retur...
Understanding Innovations to Technology Can Help Y...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, October 23, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.4datanet.com/

Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing Network Security Data Efficiency Privacy Communication IT Support Hackers Google Malware Hardware Smartphones Email User Tips Innovation Cloud Small Business Workplace Tips Microsoft Users VoIp Software Communications Business Cybersecurity Managed IT Services Mobile Device Computer Collaboration Internet Tech Term Mobile Devices Business Management Android Hosted Solutions Outsourced IT Ransomware Miscellaneous Cloud Computing Network Windows 10 Social Media Covid-19 Passwords Backup IT Services Phishing Upgrade Information Smartphone Managed Service Browser Apps Data Backup Wi-Fi Data recovery Saving Money Facebook Holiday Networking Microsoft Office Bandwidth Gadgets Applications Internet of Things Windows Wireless Compliance Automation Access Control Chrome Data Breach Managed IT services Apple Employer-Employee Relationship VPN BDR Quick Tips Gmail Remote Work Marketing Blockchain Patch Management Voice over Internet Protocol Going Green Conferencing Router Save Money Managed IT Service Mobile Office Laptop Word Office 365 Employee-Employer Relationship Analytics Value Remote Business Intelligence Health Computers Battery Healthcare Excel Cortana Twitter Processor Net Neutrality Wireless Charging Government Remote Computing Artificial Intelligence Cybercrime Scam G Suite Password Data Security Office Virtual Assistant Mobility Bring Your Own Device Virtualization Remote Monitoring and Management Batteries iPhone RAM Content Filtering Training Paperless Office Server Remote Monitoring Medical IT Data Protection Windows 7 Education Mobile Device Management Settings Data Management How To Telephony Virus Business Continuity Retail Connectivity Telephone System Payment Cards Company Culture Disaster Recovery Tech Terms Cost Management Physical Security Business Technology Social Network Eliminating Downtime Specifications Updates Remote Support Remote Workers GDPR File Sharing Millennials Data loss Chrome OS File Management Customer Relationship Management Big Data Technology Tips OneNote Cleaning IT Service Ink Database instant Messaging Threats Alert Vulnerability Information Technology Managing Stress Knowledge Employees Distribution Hosted Desktop Maintenance Plug-In Hard Drive Network Attached Storage Environment Regulations Compliance Microsoft Office 365 Edge BYOD Lead Generation IT budget Certification Streaming Media Storage HP Spam Current Events Managed Service Provider Troubleshooting Windows Server 2008 R2 Mobile PowerPoint Vulnerabilities Scams YouTube Solid State Drive Fleet Management Firewall Internet Explorer Proactive IT Processors e-waste Recycling Meetings Unified Communications Authentication eCommerce Dongle Wireless Internet Inventory Display Management Downloads Dark Web Document Management Antivirus Human Resources Congratulations Co-Managed IT Update Backup and Disaster Recovery Taskbar Botnet Recovery Sports Reporting Law Enforcement Telecommuting Machine Learning Tactics Cryptocurrency Project Management Travel Tip of the Week/Security Hard Disk Drive Multi-Factor Authentication Profiles Threat User Tip Spyware disposal Personal Information Printer Authorization Sales Online Shopping Humor Amazon IT Management Mobile Security Benchmarks Website Remote Working Trends Error Staff Managed Services Provider WhatsApp Hybrid Cloud Outlook Hard Drives Help Desk National Security Virtual Reality Search Video News Shadow IT Printing Server Management E-Commerce Bitcoin Licensing Encryption Microsoft Teams Tablet Memes WannaCry Operating System Security Cameras Risk Management A.I. User Security Digital Websites Electronic Health Records Vendor Cables Profitability Comparison SSD SaaS Workers Telecommute Time Management Insurance Live Streaming Virtual Private Network Customer Service Holidays Computer Repair Paper Tip of the week Payment Tech Support WiFi Innovations IT HIPAA Wearables PCI DSS Movies Touchscreen Voice over IP Safety Printers Thank You Regulation Analysis Financial

Latest News & Events

Please join us in congratulating Bill Vann on his promotion to Customer Success Manager....

Contact Us

Learn more about what Data Net can do for your business.

Call Us Today
Call us today
(760) 466-1200

5795 Kearny Villa Road
San Diego, California 92123