November 29, 2024
windows_update

Panggilan darurat untuk semua para system administrator untuk segera melakukan update Windows Server kalian. Hal ini karena hasil investigasi dari Agensi Keamanan Cyber Amerika mendeteksi adanya ancaman dengan codename Zerologon vulnerability (CVE-2020-1472).

Sebenernya saya males banget untuk translate dan takut merubah arti aslinya. Sebaiknya anda-anda baca sendiri yak hahaha…

Kata CISA

The background to the CISA statement is the knowledge, that the Zerologon vulnerability (CVE-2020-1472) allows Active Directory Domain Controllers (DC) to be overtaken and that there is a publicly available exploit for the vulnerability. CVE-2020-1472 is a Privilege Escalation Vulnerability that is made possible by the insecure use of AES-CFB8 encryption for Netlogon sessions. See also my blog post Windows Server: Zerologon vulnerability (CVE-2020-1472) allows domain hijacking. CISA writes about it:

CISA has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action. This determination is based on the following:

  • the availability of the exploit code in the wild increasing likelihood of any unpatched domain controller being exploited;
  • the widespread presence of the affected domain controllers across the federal enterprise;
  • the high potential for a compromise of agency information systems;
  • the grave impact of a successful compromise; and
  • the continued presence of the vulnerability more than 30 days since the update was released.

CISA requires agencies to immediately apply the Windows Server August 2020 security update to all domain controllers.

Intinya

Setelah panjang lebar, intinya adalah kita diharuskan untuk melakukan Windows Update minimal untuk Agustus 2020 security update di bagian domain controller.

Sayangnya pada Windows Server 2008 tidak tersedia patch fix ini, kecuali kamu pernah berlangganan Microsoft ESU program sebelumnya.

Sedangkan untuk Windows Server 2012 ke atas bisa langsung melakukan upgrade dan reboot servernya untuk apply patch.

Sebenarnya ada cara untuk alternatif fix CVE-2020-1472 di Windows Server 2008, namun saya sarankan untuk segera pindah ke environment Windows Server 2012 atau 2016 segera. Karena kemungkinan makin banyak bugfix yang bakal bermunculan.

Baca juga : Cara mengembalikan kartu indosat yang hangus.

Leave a Reply

Your email address will not be published. Required fields are marked *

Related News

shell indonesia

Fakta atau Hoax Shell Tutup di Indonesia?

November 26, 2024
powershell

Tidak Bisa Execute Powershell Script

November 26, 2024

You may have missed

microsoft 365

Cara Redeem Microsoft 365 Dengan Mudah

November 29, 2024
shell indonesia

Fakta atau Hoax Shell Tutup di Indonesia?

November 26, 2024
powershell

Tidak Bisa Execute Powershell Script

November 26, 2024
calvin verdonk 2

Aksi Heroik Calvin Verdonk

November 21, 2024
indonesia vs arab saudi home

Hore! Cetak Sejarah Menang Lawan Arab Saudi

November 21, 2024
ragnarok classic

Nostalgia Bermain Ragnarok Classic

November 21, 2024