Home / SmartTech / Homeland Security issues a rare emergency alert about a “critical” Windows bug – TechCrunch

Homeland Security issues a rare emergency alert about a “critical” Windows bug – TechCrunch



Homeland Security’s cybersecurity advisory unit has issued a rare emergency alert to government departments after recently announcing a “critical” rating vulnerability in Microsoft server versions Windows.

The Cybersecurity and Infrastructure Security Agency, better known as CISA, issued a warning late Friday calling on all federal departments and agencies to “immediately” admit Windows servers susceptible to the so-called Zerologon attack by Monday patch, citing an “unacceptable risk” government networks.

It is the third emergency alert issued by CISA this year.

The Zerologon vulnerability, which has a severity level of 1

0.0 or less, could allow an attacker to take control of any or all of the computers on a vulnerable network, including domain controllers, the servers that maintain the security of a network. The bug was appropriately referred to as “Zerologon” because an attacker does not have to steal or use network passwords to gain access to the domain controllers, but can only gain a foothold in the network. B. by exploiting a vulnerable device that is connected to the network.

With full access to a network, an attacker could deploy malware or ransomware, or steal confidential internal files.

Secura, the security firm that discovered the bug, said it took “approximately three seconds in real life” to exploit the vulnerability.

Microsoft released an initial fix in August to prevent exploitation. Given the complexity of the bug, Microsoft said it would need to release a second patch early next year to completely fix the problem.

But the race to patch systems continues after researchers reportedly released proof-of-concept code that might allow attackers to use the code to launch attacks. CISA said Friday that it “believes this vulnerability is being actively exploited in the wild”.

Although the CISA alert only applies to federal government networks, the agency urges businesses and consumers to patch their systems as soon as possible, if not already.


Source link