Microsoft vulnerability flagged for “emergency action”

The Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security (DHS) has declared that a Microsoft security vulnerability “poses an unacceptable risk” and “requires an immediate and emergency action.”

What happened?

The vulnerability was disclosed on August 11, 2020 by Microsoft, which issued a notice about Active Directory and its Microsoft Windows Netlogon Remote Protocol (MS-NRPC). An unauthenticated attacker could use it to obtain domain administrator access and compromise all Active Directory identity services.

The situation became much more urgent when exploit code for this vulnerability was publicly released.

“Given the nature of the exploit and documented adversary behavior, CISA assumes active exploitation of this vulnerability is occurring in the wild,” CISA said in its announcement.

What was the response?

CISA set a Sept. 21, 2020 deadline for all its executive branch departments and agencies to install Microsoft’s August 2020 Security Updates on all affected servers.

While the agency’s jurisdiction only covers certain federal agencies, CISA strongly recommends that everyone, including the private sector as well as state and local governments, “patch this critical vulnerability as soon as possible.”

What should businesses do?

It is good business and security practice to keep all operating systems and application software up to date, though companies often fall behind, especially when managing multiple systems with limited resources.

For Microsoft systems, administrators should be familiar with “Patch Tuesday,” when the company typically releases updates to its software. The Microsoft Security Resource Center (MSRC) also maintains a Security Update Guide to highlight all updates related to security vulnerabilities.

This particular vulnerability, designated CVE-2020-1472, is clearly a pressing threat, with exploit code widely available to hackers. Companies should install the August 2020 Security Updates as soon as possible.

The updates will require changes in how companies manage Netlogon secure channel connections. These changes should be reviewed by your information technology system administrators.

What happens next?

Microsoft’s August 2020 Security Updates include only the first phase of a two-phase response to this vulnerability, with the second phase expected to be delivered in the first quarter of 2021.

The second phase will cover non-Windows devices using unofficial implementations of MS-NRPC. It is delayed to allow the vendors who built them to provide updates.

Once the second phase is in place, Microsoft will enforce protection for all domain-joined devices. This means “your organization risks devices in your environment being denied access when the enforcement phase starts,” the company warns.

How can I keep up with Microsoft updates?

If you wish to be notified when these and other updates are released, Microsoft recommends that you register for its Microsoft Technical Security Notifications mailing list.

About the author

Ryan Ozawa