The DHS websites platform is for the time being unavailable. Our programs
must be abet up nearly straight away. Please near abet and take a look at again rapidly.
This has been posted on /r/sysadmin on Reddit:
Twitter post explaining it:
Blog post explaining it:
Script to test vulnerable domain controllers here: https://github.com/SecuraBV/CVE-2020-1472
Here's the description for CVE-2020-1472: An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
This refers to a vulnerability that was patched in August; any systems that are still unpatched are over a month behind. In general, most security patches (for any software that's in use) are urgent; once a patch is out, some adversaries are going to reverse-engineer the patch to find out what the bug was, and mass-exploit targets that haven't patched. Any server which is that far out of date on its patches is either in need of a sysadmin, or has a sysadmin who's being negligent. There is no excuse.
As this is a protocol level vulnerability, older versions of Samba were also affected.
Security release announcement is here:
After a previous vulnerability we changed our defaults to require schannel for release 4.8, which protects against the CVE-2020-1472 problem, but admins could turn off this protection to work with older/less secure products.
Further hardening of Samba is currently taking place to protect our users from the bug.
Enregistrer mon nom, mon e-mail et mon site web dans le navigateur pour mon prochain commentaire.
Human Ageing Reversed in ‘Holy Grail’ Bump into, Scientists Protest