Homeland Security’s researchers have issued a rare emergency alert to government departments after the discovery of a critical vulnerability in Microsoft Windows Server versions.
The Cybersecurity and Infrastructure Security Agency have instantly issued an alert to all federal departments and agencies instructing them to avoid unacceptable risk and patch any Windows servers vulnerable to Zerologon attack.
The Zerologon vulnerability that was rated with a maximum severity score of 10/10 could allow an attacker to take control of any workstation or a server on a vulnerable network including domain controllers.
Security researchers from Secura who discovered this vulnerability said it only takes 3 seconds to exploit it.
In order to prevent the exploitation of this bug, Microsoft has released the fix for it back in August. Unfortunately, as this is a rather complex bug, to completely eradicate the issue Microsoft will have to roll out a second patch early next year.