US Homeland Security issues cyber security alert regarding Windows servers

According to the US Department of Homeland Security’s cyber advisory unit, server versions of Microsoft Windows have a critical security vulnerability.

An emergency alert has been issued to government departments to take action immediately.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Friday requiring all federal agencies and departments to apply patches to Windows servers that are vulnerable to the so-called Zerologon attack, which would put government networks at great risk.

This is the third CISA-issued emergency alert so far in 2020.

This particular vulnerability has received a rating of 10.0, indicating the highest degree of severity.

If an attacker compromised it, they could take control of any computers connected to a network that is vulnerable (this includes domain controllers).

Zerologon received its appropriate name as an attacker does not need to steal any network credentials before executing their attack.

Instead, it exploits a vulnerable device connected to the network, which is all it takes to compromise and take control.

Upon breaching the defences, the attacker can deploy ransomware or other malware and steal sensitive data.

Secura, a cyber security company, discovered the bug.

According to Secura’s findings, it takes approximately three seconds to exploit the vulnerability.

Microsoft released an initial fix in August to stop exploitation.

However, due to the complexity of the bug, a second patch will be necessary to resolve the issue in its entirety.

Given that researchers have released proof-of-concept code that could also be used by an attacker, the pressure is on network administrators to deploy the fix as fast as possible.

CISA believes that this vulnerability is being actively exploited in the wild.

Although federal networks are at greatest risk, companies and consumers should not hesitate to patch their systems as soon as possible.