Click to Skip Ad
Closing in...
  1. Screwdriver Set Amazon
    13:47 Deals

    Amazon shoppers rave about this 22-in-1 screwdriver set that’s down to $18 today

  2. Surge Protector Amazon
    15:01 Deals

    Brilliant $30 Amazon find expands a power outlet without an ugly power strip

  3. Kasa Smart Home Sale
    12:05 Deals

    Amazon’s massive Kasa smart home sale has deeper discounts than Prime Day

  4. Amazon Deals
    10:12 Deals

    Today’s top deals: $50 soundbar, Alexa in your car for $20, $90 Ring Doorbell 2, $23…

  5. Best Beach Towels For Sand
    09:02 Deals

    You’ll never go to the beach again without this $17 Amazon find from a viral TikTok

Hackers can use a critical Window bug to access computers on a network in seconds

September 21st, 2020 at 5:47 PM
Windows 10 Zerologon
  • Homeland Security issued an emergency alert on Friday for a severe Windows vulnerability called Zerologon that would allow hackers to gain access to any computer of a network within minutes.
  • The Cybersecurity and Infrastructure Security Agency (CISA) strongly advises all governmental agencies to upgrade their systems, urging Windows users in the private sector and the general public to do the same.
  • Microsoft issued a patch in August for the issue but will follow up with another fix in the coming months.

Security researchers have identified a severe security issue affecting Windows that would allow attackers to take over computers and use them for nefarious reasons in “about three seconds in practice.” The vulnerability is so severe that Homeland Security issued a rare emergency alert on Friday, advising everyone to “go get patching,” including governmental agencies, state and local governments, the private sector, and the general public.

First detailed by Secura (via TechCrunch), the vulnerability is called Zerologon (CVE-2020-1472) and is rated the maximum in severity (or 10.0). The security issue allows attackers to control any or all computers on a vulnerable network, including the domain controllers, the servers that handle the security of the network.

Unlike other attacks, Zerologon doesn’t require the attackers to steal credentials related to a network to gain access to other computers on the network. Hackers would only need to forge an authentication token for a specific Netlogon functionality. After that, they would set the computer password of the Domain Controller to whatever they wanted. This would then give them access to the credentials of a domain admin — from Secura:

The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol, which among other things can be used to update computer passwords. This flaw allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf.

Access to a network would then give the attackers unchecked control over other computers. Hackers would install other malicious programs, including malware or ransomware, and steal sensitive internal files.

Microsoft issued a patch in August to prevent exploitation, but that’s not a permanent fix. A second patch would roll out early next year to eradicate the matter. The CISA warning makes it clear the issue is quite severe:

Left unpatched, this vulnerability could allow attackers to compromise network identity services. We have directed agencies to implement the patch across their infrastructure by Monday, September 21, and given instructions for which of their many systems to prioritize.

CISA already “assumes active exploitation of this vulnerability is occurring in the wild.”

Conversely, the Senate is considering a bill requiring tech companies to build backdoors into their encrypted product and devices. Once hackers discover it, a backdoor would work a lot like this newfound Windows hack. Attackers would attempt to gain access to tools and abuse the security issue. That’s not to say the Zerologon security issue is a backdoor, but its severity makes it a great candidate for comparing it with one.

Chris Smith started writing about gadgets as a hobby, and before he knew it he was sharing his views on tech stuff with readers around the world. Whenever he's not writing about gadgets he miserably fails to stay away from them, although he desperately tries. But that's not necessarily a bad thing.

Popular News