It’s not really rare to hear news about one Windows vulnerability or another ranging from the trivial to the critical. There are only a few times, however, when the DHS, best known as the US Department of Homeland Security, speaks about it. Yet for the third time this year, the department’s Cybersecurity and Infrastructure Security Agency or CISA published a warning about a critical flaw affecting the server editions of Windows, urging all government units to immediately patch their systems before it’s too late.
The vulnerability was reported by security company Secura and dubbed Zerologon because of how simple it was to exploit. Well, not completely simple since it still requires an attacker to first gain access to a vulnerable device that’s connected to the network. After that, however, the attacker doesn’t even need to steal passwords to gain access to the server.
The implications of this vulnerability are so severe that the CISA rated it with the maximum 10.0 score. Homeland Security rarely rings the alarm over vulnerabilities so when it does, people tend to take notice.
Microsoft already released a patch for Windows servers to mitigate the exploit but it might not be until early next year that it will be able to completely plug it up. Until then, however, server administrators and owners will have to scramble patch things up and keep an eye on things. Making things a bit more complicated is that security researchers have reportedly made a proof-of-concept code available that can be used by potential attackers.
The CISA’s directive applies to federal government networks but that doesn’t mean other networks are protected. The vulnerability affects any Windows server installation, including for companies and consumers, but governments and larger corporations are always bigger targets for hackers.