Tripwire‘s September 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, and various Linux distributions.Up first on the patch priority list this month is a very high priority vulnerability, which is called “Zerologon” and identified by CVE-2020-1472. It is an elevation of privilege vulnerability that exists due to a flaw in a cryptographic authentication mechanism used by the Netlogon Remote Protocol (MS-NRPC). During the August patch Tuesday patch release, Microsoft released patches for affected operating systems. Note that the recently released Metasploit module targets the Windows operating system. However, various versions of Samba, i.e. within the open source ecosystem, could be vulnerable to this attack (refer to the bugzilla link below) and open source proof-of-concepts are available via Github. Linux vendors such as Fedora, SuSe, and Ubuntu have released advisories and patches for their versions of Samba.Links for more information:https://github.com/rapid7/metasploit-framework/pull/14151https://www.secura.com/blog/zero-logonhttps://bugzilla.samba.org/show_bug.cgi?id=14497Linux Vendor Advisories:https://admin.fedoraproject.org/updates/FEDORA-2020-77c15664b0https://admin.fedoraproject.org/updates/FEDORA-2020-0be2776ed3https://admin.fedoraproject.org/updates/FEDORA-2020-bda96ea273< ..
Support the originator by clicking the read the rest link below.
