Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency have issued warnings that a critical vulnerability in Windows Server dubbed "Zerologon" is being actively exploited in the wild. They urge users to immediately apply an available partial patch.
CISA had previously ordered federal agencies to apply the patch by Tuesday before issuing its second alert on Thursday that the vulnerability, which is tracked as CVE-2020-1472 is now being exploited (see: CISA Pushes Government Agencies to Patch 'Zerologon' Flaw).
The Zerologon vulnerability was given a CVSS score of 10 - the most critical.
Microsoft Sounds Alarm
On Wednesday, the Microsoft Security Intelligence team issued its alert warning that attackers were exploiting the Zerologon vulnerability. "We have observed attacks where public exploits have been incorporated into attacker playbooks," Microsoft warns.
Microsoft 365 customers can refer to the threat analytics report we published in Microsoft Defender Security Center. The thre ..