ABSTRACT

Emergency Directive 20-04: Mitigate Netlogon Elevation of Privilege Vulnerability from August 2020 Patch Tuesday, September 18, 2020   [open pdf - 402KB]

From the Background: "On August 11, 2020, Microsoft released a software update to mitigate a critical vulnerability in Windows Server operating systems (CVE-2020-1472). The vulnerability in Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory, could allow an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services. Applying the update released on August 11 to domain controllers is currently the only mitigation to this vulnerability (aside from removing affected domain controllers from the network). CISA [Cybersecurity & Infrastructure Security Agency] has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action. [...] CISA requires that agencies immediately apply the Windows Server August 2020 security update to all domain controllers."

Report Number:
Cybersecurity and Infrastructure Security Agency Emergency Directive 20-04; CISA ED 20-04
Publisher:
Date:
2020-09-18
Series:
Copyright:
Public Domain
Retrieved From:
DHS Cybersecurity Directives: https://cyber.dhs.gov/
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations