Iranian backed hacker group is exploiting Windows Zerologon flaw, warns Microsoft

Microsoft Security Response Center warned today about the MuddyWater cyber-espionage group abusing the Zerologon exploits in their recent attacks. This isn't the first time a similar warning has been issued - on September 23th company warned the administrators about the necessity of the security updates to defend against attacks, abusing Zerologon exploits. Zerologon is a critical security flaw that allows attackers to elevate privileges to a domain administrator, thus making them capable of taking control over the entire domain, changing users' passwords and so on. Microsoft is working on the fix for the exploits. It will be pushed in two stages to avoid the authentication problems. Read more...