HC3 TLP White Sector Alert: “Zerologon” Netlogon Remote Protocol Vulnerability

September 18, 2020

In August, Microsoft released a patch for a vulnerability that is applicable to the healthcare community. CVE-2020-1472, also called Zerologon, was rated critical severity as it allows unauthenticated administrative access to a Windows domain controller (DC) and possible compromise of the entire domain. Applying the Microsoft patch will completely resolve this vulnerability, which HC3 recommends patching of vulnerable systems be prioritized for any healthcare organization.

Key Resources

Related Resources

Letter/Comment
AHA Responds to CISA Proposed Rule on Cyber Incident Reporting Requirements
Public
Advisory
HHS Issues Alert on Critical Vulnerability in ‘MOVEit,’ File Transfer Platform Used by Health Care Sector
Public
Special Bulletin
AHA Helps Secure New Cybersecurity Resources from Microsoft and Google to Assist Rural Hospitals
Public
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part Two
Public
Special Bulletin
HHS Authorizes UnitedHealth Group to Make Breach Notifications on Behalf of Providers
Member
Advancing Health Podcast
How to Survive a Cyberattack with Scripps Health: Part One
Public