Blog

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security

The Cybersecurity and Infrastructure Security Agency (CISA) has released an emergency directive concerning a critical exploit known as Zerologon, that affects servers running Windows Server operating systems that needs to get patched as soon as possible.

What’s the Exploit and Who Does It Affect?

The vulnerability in the CISA’s emergency directive affects all supported Windows Server operating systems. It’s been named Zerologon, and If left unpatched, it could allow an unauthenticated threat actor to gain access to a domain controller and completely compromise your network’s Active Directory services. The vulnerability gets its name because all the hacker has to do is send a series of Netlogon messages with the input fields filled with zeroes to gain access. 

Once in, this essentially gives the hacker a lot of control over your network, and it’s a publicly available exploit (since Microsoft has released a patch for it) which means cybercriminals will be taking advantage of it. The attacker doesn’t need any user credentials to use this exploit.

If your business network is running Windows Server, you need to have updates applied to your servers to ensure that this vulnerability is patched. If you aren’t actively keeping all the devices on your network maintained with the latest updates and security patches, you are essentially leaving the front door wide open.

The Department of Homeland Security (the parent department of the CISA), has issued a directive for all government agencies in the United States that they have until today (September  21st) to apply the patch, to prevent giving hackers control over federal networks. This means all state and local government agencies are required to apply this today and report back to the CISA. Not having this patch installed will also affect other compliance standards throughout other industries, and of course, leave your business and your data at high-risk of a breach. It is highly recommended to apply this patch today, as soon as possible, regardless of the industry you are in. We can’t stress this enough. Apply this patch as soon as humanly possible.

The Good News

If you have an active managed IT services agreement with White Mountain IT Services that covers the maintenance of your Windows Servers, you have likely already received the patch, or will be having it installed today. The patch was released by Microsoft as part of their August 2020 Patch Tuesday Update.

If you don’t have an agreement with us, or you aren’t sure if your agreement covers fixing the Zerologon vulnerability, we urge you to reach out to us by calling 603-889-0800. This is definitely not something you want to risk.

The Department of Homeland Security and the US Cybersecurity and Infrastructure Security Agency don’t issue emergency directives casually. This needs to be taken seriously for all businesses and organizations.

If you need help, or you are unsure about how to protect your organization from the Zerologon vulnerability, don’t hesitate to reach out to White Mountain IT Services at 603-889-0800.

By accepting you will be accessing a service provided by a third-party external to https://www.whitemtn.com/

Related Posts

With so many employees still working remotely, organizations have turned to technology to ensure that their workers are actually… you know, working. While the need to know what your employees are up to throughout the workday is important, there is no...
Keeping your data protected is a huge concern nowadays, with more and more safeguards needed to prevent it from being exfiltrated. Encryption is a great way to prevent your data from being any good to those who might steal it. Let’s review what encry...
If there is one shared priority most businesses and other organizations need to have it’s a strategy on how they are going to go about securing their network, infrastructure, and data from the numerous threats they face. Let’s take a look at three of...
Smart devices and Internet-of-Things devices in general have taken the world by storm, and a home without at least a handful of smart devices is quite rare to find these days. However, smart devices—or devices that connect to the Internet to perform ...
The holiday season has a variety of famous key players, including the likes of Santa, Rudolph, and the rest of the North Pole crew. Each year, they use their magic to help spread goodwill and joy to all the nice children of the world… but did you kno...
A vulnerability was recently discovered that is effectively guaranteed to impact all computer users, from private users to businesses. While this situation will take some time to resolve fully, we want to make sure you know everything that needs to b...
A vulnerability in Microsoft’s MSHTML browser engine has been discovered and tracked by Kaspersky. It is being exploited all over the world right now. How can you avoid this vulnerability so that it doesn’t affect your business? Let’s find out....
Phishing is one of those threats that has been around for a long time, and as time passes by, these threats only become more difficult to identify. Some businesses can’t tell the difference between phishing scams and actual emails. Here’s how your co...
A virtual private network, or VPN, is a critical part of keeping your business safe while operations are taking place out of the office, but a discussion needs to be had about what a VPN can do and what a VPN cannot do. This is especially important t...
If you use almost any Apple products, you’ll want to check for and apply an update that will prevent your devices from being spied on. Apple has just issued an emergency software update for a critical vulnerability that was recently discovered. The n...
As time has passed, more focus has been put on balancing a user’s identity authentication in terms of its convenience versus its security. This is what has led to the development of solutions like Windows Hello, the biometrics-based system that Micro...
Cybersecurity is a massively important consideration for today’s businesses, and as a result, managing it is often given a considerable amount of time. However, recent developments suggest that this time can potentially be reduced by the use of “self...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services


33 Main Street, Suite 302
Nashua, NH 03064

 


121 Riverfront Drive
Manchester, NH 03102

603-889-0800

Open Positions