Windows 10: discovered one of the most serious bugs ever

By Brian Adam
Brian Adam
Brian Adam
Professional Blogger, V logger, traveler and explorer of new horizons.

Windows 10: discovered one of the most serious bugs ever

With the latest Patch Tuesday, Microsoft corrected what can effectively be called one of the most serious bugs ever discovered in Windows 10. The vulnerability carries the identification code “CVE-2020-1472” and fortunately it was closed by the Redmond giant.

The name given by the Dutch Secure researchers, who discovered it, is Zerologon and got the CVSSv3 severity level 10/10 as it threatens Windows-based corporate networks and allows cybercriminals to modify Active Directory domains.

According to what has been stated, in fact, Zerologon would be able to make secure authentication practically useless in Active Directory domains. A hacker, knowing the flaw, could remotely send authentication tokens for bypass the algorithm that deals with the encryption of the Netlogon service.

As stated in the full report, it would be enough to enter a value of a specific parameter string consisting of zero numbers only, and in five steps you disable the Active Directory domain server password to take control of the network.

The consequences can be dire: once you take control of the network it is possible to send malware and viruses to all connected PCs, to control them remotely.

For this reason we recommend installing Patch Tuesday and security updates.

