Microsoft Confirms Critical Windows Server ‘Perfect 10’ Zerologon Attacks Have Started

Just days ago, the U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) issued a rare emergency directive instructing all federal agencies to apply a Windows Server security update before midnight on Monday, September 21. That directive spoke of the need to take immediate and emergency action in order to mitigate the risk of a critical Windows Server exploit called Zerologon.

The exploit, which enables an attacker to become an instant administrator, is so serious it rated a perfect 10 on the Common Vulnerability Scoring System (CVSS) and Microsoft itself determined it to be of critical severity. CISA also urged local and state governments, along with organizations in the private sector, to patch their Windows Server domain controllers as a matter of urgency. Now the Microsoft Security Intelligence team, a

Read More