CyberRes

Zerologon bug is a perfect 10. Patch now or crash hard

0 Likes

over 1 year ago

A researcher found a really nasty bug in Windows Server, calling it Zerologon. The Active Directory domain controller code screws up an important bit of AES, earning a perfect 10 on the CVSS scale.

Our Security Blogwatch editor curated some bloggy bits for your entertainment and also offers the moral of the story:

Run—do not walk—to your AD domain controllers (metaphorically speaking). And start planning for February’s second shoe droppage. Read full story here

Tags:

Windows Server bug

Active Directory

Domain Controller

zerologon

Labels:

Other

Comment List

Recommended

Resources

Support

Documentation

Training

CyberRes Academy

Partner Portal

Compliance

Help

Company

Accessibility
Anti-Slavery Statement

Support
How To Buy

Careers
Investor Relations

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.

Menu

console.log( 'purl: /cyberres/w/securitynewsevents/12968/zerologon-bug-is-a-perfect-10-patch-now-or-crash-hard\npurl.Contains("/img/zenworks/f/zenworks-expert-day"): False' ) CyberRes

Labels

Zerologon bug is a perfect 10. Patch now or crash hard

Tags:

Labels:

Resources

CyberRes