Contact Us

Newsletter Sign-Up

2 min read

The ZeroLogon Exploit (CVE-2020-1472)

By Carl Keyser on Sep 22, 2020 8:00:00 AM

If you haven't installed Microsoft's August patch updates for your Active Directory domain controllers, you might want to reconsider. A brand new exploit (officially called CVE-2020-1472 by Microsoft and Zerologon by Tom Tervoort, the researcher who discovered it) allows an attacker to compromise an unpatched Active Directory domain controller via just a TCP connection without the need for any domain credentials.

Topics: Exploit Security Exploit Domain Controllers Active Directory