DataEndure | Managed Cybersecurity. It's about time.

Services
- Managed Services
  Cloud Security
  
  Email Security
  
  Endpoint Security
  
  Network Security
  
  N-SOC
  
  Compliance
  GRC
  
  Readiness Assessments
  
  Risk Management
  
  Complimentary Health Checks
  Network Health Check
  
  Resiliency Workshop
  
  Security Health Check
  
  In-Depth Assessments
  Application Dependency Mapping
  
  CISO Assessment
  
  Dark Data Assessment
  
  Network Assessment
  
  Penetration Testing
  
  Why Layered Defense is Critical
  
  Layered security is about protecting all vectors that have access into your network, and the network is no longer just inside your datacenter. It's wherever your endpoints, people, data, and assets reside.
  
  View the Video >>
Expertise
- Security & Compliance
  Layered Defense Strategy
  
  Cyber Threats & Solutions
  
  Information Management
  Data Resilience
  
  Cloud & Data Science
  Digital Transformation
  
  Infrastructure
  Scale and Efficiency
  
  Network
  Network Resilience
  
  What does "Good" Cybersecurity look like?
  
  Discover key insights for robust cybersecurity, addressing critical gaps and navigating evolving threats.
  
  Read the Blog >>
Industries
Company
- About Us
  Leadership
  
  News
  
  In the Community
  
  Careers
  
  Contact Us
  
  Partners
  Strategic Partners
  
  Technology Partners
  
  Partner Program
  
  Leading the Way Through Change
  
  Explore over 40 years of industry leadership and lasting impact as we delve into the remarkable history of Data Endure.
  
  Learn More >>
Resources
- Learn
  Security Advisories
  
  Blog
  
  Case Studies
  
  Podcast
  
  Events
  
  Videos
  
  White Papers
  
  Connect
  Contact Us
  
  Newsletter Sign Up
  
  Partner Program
  
  Watch our Tech Talk Series
  
  Stay up to date on the latest in cybersecurity with our monthly Tech talk series.
  
  Watch the Series >>

Critical Security Advisory: Vulnerability in Microsoft Windows Netlogon Remote Protocol

September 21, 2020

CRITICAL: Vulnerability in Microsoft Windows Netlogon Remote Protocol

Situation

Microsoft has discovered and patched vulnerabilities for its Microsoft Windows Netlogon Remote Protocol (MS-NRPC).

Problem

Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV) in AES-CFB8 mode. This allows an unauthenticated attacker to impersonate a domain-joined computer, including a domain controller, and potentially obtain domain administrator privileges.

Implication

An unauthenticated attacker with network access to a domain controller can impersonate any domain-joined computer, including a domain controller. Among other actions, the attacker can set an empty password for the domain controller's Active Directory computer account, causing a denial of service, and potentially allowing the attacker to gain domain administrator privileges.

Need

On August 11, 2020, Microsoft issued updates to address this vulnerability. It is advised to install these patches as soon as possible

For a brief overview:

https://us-cert.cisa.gov/ncas/current-activity/2020/09/17/certcc-releases-information-critical-vulnerability-microsoft

For a more detailed overview:

https://www.kb.cert.org/vuls/id/490028

NEW BLOG:Seeing the Bigger Picture: Achieving Digital Resilience

+ +

Chat with usLiveChat