Blog

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security

The Cybersecurity and Infrastructure Security Agency (CISA) has released an emergency directive concerning a critical exploit known as Zerologon, that affects servers running Windows Server operating systems that needs to get patched as soon as possible.

What’s the Exploit and Who Does It Affect?

The vulnerability in the CISA’s emergency directive affects all supported Windows Server operating systems. It’s been named Zerologon, and If left unpatched, it could allow an unauthenticated threat actor to gain access to a domain controller and completely compromise your network’s Active Directory services. The vulnerability gets its name because all the hacker has to do is send a series of Netlogon messages with the input fields filled with zeroes to gain access. 

Once in, this essentially gives the hacker a lot of control over your network, and it’s a publicly available exploit (since Microsoft has released a patch for it) which means cybercriminals will be taking advantage of it. The attacker doesn’t need any user credentials to use this exploit.

If your business network is running Windows Server, you need to have updates applied to your servers to ensure that this vulnerability is patched. If you aren’t actively keeping all the devices on your network maintained with the latest updates and security patches, you are essentially leaving the front door wide open.

The Department of Homeland Security (the parent department of the CISA), has issued a directive for all government agencies in the United States that they have until today (September  21st) to apply the patch, to prevent giving hackers control over federal networks. This means all state and local government agencies are required to apply this today and report back to the CISA. Not having this patch installed will also affect other compliance standards throughout other industries, and of course, leave your business and your data at high-risk of a breach. It is highly recommended to apply this patch today, as soon as possible, regardless of the industry you are in. We can’t stress this enough. Apply this patch as soon as humanly possible.

The Good News

If you have an active managed IT services agreement with White Mountain IT Services that covers the maintenance of your Windows Servers, you have likely already received the patch, or will be having it installed today. The patch was released by Microsoft as part of their August 2020 Patch Tuesday Update.

If you don’t have an agreement with us, or you aren’t sure if your agreement covers fixing the Zerologon vulnerability, we urge you to reach out to us by calling 603-889-0800. This is definitely not something you want to risk.

The Department of Homeland Security and the US Cybersecurity and Infrastructure Security Agency don’t issue emergency directives casually. This needs to be taken seriously for all businesses and organizations.

If you need help, or you are unsure about how to protect your organization from the Zerologon vulnerability, don’t hesitate to reach out to White Mountain IT Services at 603-889-0800.

Related Posts

Cybersecurity has changed considerably since 2017, and any business that wants to survive in the evolving online environment needs to consider how they are protecting their assets. We want to take a look at precisely how cybersecurity has changed sin...
Security is one of the most important parts of running a business, especially today when organizations rely so heavily on their technology solutions. Some of the most dangerous threats lurk on a business’s network, watching and waiting for an opportu...
In light of all the data leaks and vulnerabilities that have been brought to light over the past few years, network security has to be a priority for every business. One problem many organizations have is that while they are protecting their network ...
Anyone who uses the Internet has to be aware of the dangers involved. Beyond the safety of your network’s security solution, there lies a horde of malicious entities just waiting for you to let your guard down. All it takes is one moment to release t...
Mobile devices continue to be an important part of doing business, and organizations are ready and willing to accept them into the workplace environment with open arms. Yet, the fact remains that doing so can be of significant risk. Believe it or not...
The reliance the modern business has on its IT cannot be understated. As a result, to keep their computing network and infrastructure running efficiently, companies need to have a network and cybersecurity policy in place. With the development and us...
Cybersecurity is one of the most talked about problems facing the modern business. This is because cybercrime has increased precipitously while businesses have moved more of their processes onto the computer. Planning how to protect your business’ cr...
Even the most innocent Internet user can fall victim to the stray hacking attack, and it’s all thanks to the manner in which malware reverse-engineers software. This process is how a hacker finds vulnerabilities in software. However, a new security c...
Databases are exceptionally useful for allowing access to important data, but they by default expose data to risks depending on how they are stored. If a database is stored in the cloud, for example, it could potentially be exposed to threats that pu...
Security has never been easy for any business that deals with sensitive information. Nowadays, even a small business that uses an Internet connection has to worry about hackers and malware of all types. This is especially problematic for small health...
The online world is a scary place. Viruses, malware, spyware, adware, and more are all out there trying to get at your network. These threats are almost always prevalent, but compared to each other, some are vastly superior and far more dangerous and...
While security experts tend to focus the brunt of their discussions on desktop OS vulnerabilities, there are plenty of mobile malware threats that fly under the radar. One such malware is called Hummer; a trojan that installs unwanted apps and malwar...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our office in NH.  For locations outside of our service area, we will manage a local vendor to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

 

White Mountain IT Services
33 Main Street, Suite 302
Nashua, New Hampshire 03064

 

603-889-0800

map nashua4 1

 

Open Positions