HC3 TLP White Sector Alert: “Zerologon” Netlogon Remote Protocol Vulnerability

September 18, 2020

In August, Microsoft released a patch for a vulnerability that is applicable to the healthcare community. CVE-2020-1472, also called Zerologon, was rated critical severity as it allows unauthenticated administrative access to a Windows domain controller (DC) and possible compromise of the entire domain. Applying the Microsoft patch will completely resolve this vulnerability, which HC3 recommends patching of vulnerable systems be prioritized for any healthcare organization.

Key Resources

Related Resources

AHA Center for Health Innovation Market Scan
Assessing the Health Care Environment for 2025
Public
Standards/Guidelines
Become an AHA Preferred Cybersecurity Provider
Public
AHA Center for Health Innovation Market Scan
4 Keys to Manage Third-Party Cybersecurity Risk
Public
Letter/Comment
AHA Requests Flexibility Extension from HHS on DEA Telemedicine Prescribing
Public
Special Bulletin
Supply Chain Updates Following Temporary Closure of Baxter’s Plant in North Carolina Due to Hurricane Helene
Public
AHA Center for Health Innovation Market Scan
Providers Boost Cybersecurity Spending in Wake of Change Healthcare Breach
Public