Yes, there are rumblings about the ZeroLogon issue in Threatpost articles:

Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors.

Dark Reading article: One year later… a look back at Zerologon!

 

For August 2021 Patch Tuesday (August 10th), 120 vulnerabilities are fixed, including 2 zero-days and one elevation-of-privilege flaw in the Netlogon Remote Protocol. The privilege-escalation bug was an 8.8 on the CVSS scale (0-10), but it has recently been revised to 10.0.

The reason is that the hackers have developed better attack angles and can do more to penetrate your systems. The researcher Tom Tervoort wrote a research paper last September: Whitepaper Zerologon.

 

How can you stay ahead of the game?

The only way to attempt to stay ahead of the game is to patch your systems as much as possible. Every month there are new vulnerabilities, and if you wait long enough a vulnerability may get re-rated and upgraded from 8.8 to 10.0.

Zero-day vulnerabilities are interesting, since they cannot be fixed at first. But they do get a fix eventually, and once they do you should upgrade and patch as soon as practical. What you can do is create a defined method of risk management, as I mention in my book. This method will help you create a better cybersecurity defense.

Needless to say, if you do not patch, the vulnerability will eventually cause problems.

Contact us for specific help, but check out the book otherwise.

 

By zafirt
