Critical Microsoft Bug Spotted! How to Become an Admin with New Patch Update

Researchers have recently developed and also published a certain proof-of-concept exploit for a much recently known patched Windows vulnerability that will give access to a particular organization's very own crown jewels which are the Active Directory domain controllers that in turn act as a kind of all-powerful gatekeeper for the entirety of the machines connected to this network.

The CVE-2020-1472, as the whole vulnerability is tracked, actually carries some sort of critical severity rating given by Microsoft as well as a certain maximum of 10 under the whole Common Vulnerability Scoring System.

The exploits will require that a particular attacker must already have a certain foothold inside a certain targeted network, either as a kind of unprivileged insider or even through the compromise of a certain connected device.

Bug detected!

These types of post-compromise exploits have actually become quite valuable to different attackers that are trying to push either ransomware or even espionage spyware. They do this by tricking employees to actually click on a certain malicious link and also attachments found in emails making it relatively easy.

The attackers then use those different compromised computers in order to pivot to even more valuable resources but this is much harder.

It can also sometimes take about a few weeks or months to even escalate the low-level privileges to those people who needed to install certain malware or even execute certain commands.

Read Also: Razer Leaks 100,000+ Private Data While Reports About the Breach Bounce from One Support Representative to Another

The developed Zerologon

Zerologon, a certain exploit developed by some researchers from the security firm known as Secura, allows attackers to instantly gain control of the actual Active Directory. This will then allow them to have free rein and give them the power to be able to do just about anything that they want to do from adding certain new computers to the whole network or even to infecting each one with their particular malware of choice.

According to researchers from Secura in a particular white paper that was published on Friday, the attack will have a huge impact and that it basically allows just any attacker on the known local network just like certain malicious insiders or anyone who has simply plugged in a device to a certain on-premise network port in order for them to completely compromise the whole Windows domain. It was also stated that the attack is also completely unethical and that the attacker does not even need to use any of the user credentials.

The Secura researchers, who then discovered the whole vulnerability and reported this vulnerability to Microsoft, said that they have developed a certain exploit that sort of works reliably, but with the given risks, they aren't actually releasing it until they are fully confident that Microsoft's own patch has already been widely installed on different vulnerable servers.

The researchers, however, gave a warning that it's still not hard to use the Microsoft patch in order to work backward and also develop an exploit. Meanwhile, the separate researchers and other security firms have also published their very own proofs-of-concept attack code in three different places. Here. Here. And Here.

Read Also: Nikola: Electric-Hydrogen Startup Alleged Tesla 'Ripoff' Gets in Trouble for 'Intricate Fraud'

This article is owned by Tech Times

Written by Urian Buenconsejo

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics