This content is viewable by Everyone
CRITICAL UPDATE: Microsoft has issued security update to address a vulnerability within the Netlogon in Windows Servers (original was sent on 8/14/20)
WHAT HAPPENED?
Microsoft has issued and Important/High security update to address a vulnerability within the Netlogon component in Microsoft Windows Server 2019.
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of publicly available exploit code for CVE-2020-1472, an elevation of privilege vulnerability in Microsoft’s Netlogon.
Advanced Users: For a complete description of the security vulnerabilities and affected software refer to:
AFFECTED SYSTEMS:
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2012
- Windows Server 2012 R2
- Windows Server 2016
- Windows Server 2019
- Windows Server Version 1903
- Windows Server Version 1909
- Windows Server Version 2004
WHAT'S THE PROBLEM?
Exploitation of this vulnerability could allow a remote attacker to gain access to administrators’ privileges. Microsoft is addressing the vulnerability in a phased two-part rollout. Additional updates will become available in Q1 2021.