What the Zerologon vulnerability means for the state of enterprise security

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura’s security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous.   By forging an authentication token for specific Netlogon functionality, he was able to call a function to set the computer password of the Domain Controller to a known value. After that, the attacker can use this new password to take control over the domain controller and steal credentials of a domain admin.

Read full article on Security Magazine