The information security firm Secura recently released a writeup of a very serious flaw in Windows Server and Active Directory which allows attackers to completely take over a domain controller if they have access to any workstation in the domain. The vulnerability was patched in the August update from Microsoft, but the details have only recently been released.
The English version is the existence of a flaw in Windows Server software on a Domain Controller Server giving a 1 in 256 chance that allows an attacker to bypass authentication. This attack is very quick and can take less than 3 seconds to change the password for a Domain Controller computer and completely take over control of a domain.
The more technically minded can read more at https://www.secura.com/pathtoimg.php?id=2055 The vulnerability is being addressed by Microsoft in two parts, firstly via their regular updates mid-August with a further update due in the first quarter of 2021 (due 9th Feb).
For anyone with a domain controller in their network, or if you are not sure what functions your server actually performs, these patches could be vital. Contact our Helpdesk for advice if you are in doubt.
