{"id":15812,"date":"2020-09-16T18:00:36","date_gmt":"2020-09-16T16:00:36","guid":{"rendered":"https:\/\/www.vunkers.com\/?p=15812"},"modified":"2020-09-17T08:50:31","modified_gmt":"2020-09-17T06:50:31","slug":"zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server","status":"publish","type":"post","link":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/","title":{"rendered":"Zerologon, vulnerabilitat per als controladors de domini de Windows Server"},"content":{"rendered":"<h2>Zerologon: La nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona nom\u00e9s actualitzant.<\/h2>\n<p>Sembla que est\u00e0 sent un mal any per a Redmon. Fa un parell de mesos un <strong>equip de seguretat<\/strong> va reportar a <strong>Microsoft<\/strong> una vulnerabilitat explotable en el seu <strong>sistema Netlogon<\/strong> CVE-2020-1472, que permeti una escalada de privilegis. Actualment <strong>aquest sistema s&#8217;utilitza per a la comunicaci\u00f3 de tots els clients<\/strong> (Windows o Altres dispositius) <strong>amb controladors de Domini de Windows<\/strong> en totes les seves versions.<\/p>\n<p>Aquesta vegada, la vulnerabilitat afecta intr\u00ednsecament al protocol de Netlogon. Aix\u00f2 significa que no \u00e9s possible actualitzable sense modificar el comportament del servei Netlogon.<\/p>\n<p>El que Microsoft ha fet \u00e9s separar aquesta actualitzaci\u00f3 en 2 fases:<\/p>\n<hr \/>\n<p><strong>Fase 1: Fase d&#8217;implementaci\u00f3 inicial<\/strong><\/p>\n<p>Aquesta fase es va iniciar amb una actualitzaci\u00f3 de l&#8217;11 d&#8217;agost, que entre altres coses realitza:<\/p>\n<ul>\n<li>For\u00e7ar la implementaci\u00f3 segura de Netlogon en equips clients que la suportin<\/li>\n<li>Registrar en el log de sistema amb esdeveniment ID 5829, les connexions que encara connecten amb el protocol antic.<\/li>\n<\/ul>\n<p>Durant aquesta fase <strong>cal auditar el servidor<\/strong>, amb l&#8217;ajuda de l&#8217;esdeveniment 5829, per eliminar totes les connexions que fan servir el protocol Netlogon antic, fins que el visor d&#8217;esdeveniments quedi net d&#8217;aquest esdeveniment.<\/p>\n<p><strong>Fase 2: Fase d&#8217;exig\u00e8ncia<\/strong><\/p>\n<p>Aquesta fase es llan\u00e7a el 9 de febrer de 2021. I consisteix a desactivar el servei Netlogon antic, exigint \u00fanicament la nova implementaci\u00f3 de Protocol. En cas de no ser possible s&#8217;haur\u00e0 d&#8217;exigir, via directiva de grup, &#8220;Permetre connexions de canals segurs de Netlogon vulnerables&#8221;.<\/p>\n<hr \/>\n<p>Aquesta explotaci\u00f3 <strong>requereix acc\u00e9s previ amb usuari de privilegis limitats a la infraestructura<\/strong>, amb el que a priori dificulta un atac massiu des de l&#8217;exterior, per\u00f2 alhora i sobretot en infraestructures grans, <strong>suposa un gran treball per als departaments d&#8217;IT i seguretat<\/strong>.<\/p>\n<p><strong>Els clients que tenen contracte de manteniment de sistemes de Vunkers IT Experts, ja tenen aplicades les actualitzacions<\/strong>. A m\u00e9s, monitorem els accessos Netlogon vulnerables, perqu\u00e8 no s&#8217;hagin de preocupar en el llan\u00e7ament de la fase 2.<\/p>\n<p><strong>Vunkers IT Experts<\/strong>, <a href=\"https:\/\/www.vunkers.com\/ca\/servicios\/sistemes\/\"><strong>experts en seguretat de sistemes<\/strong><\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Zerologon: La nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona nom\u00e9s actualitzant. Sembla que est\u00e0 sent un mal any per a Redmon. Fa un parell de mesos un equip de seguretat va reportar a Microsoft una vulnerabilitat explotable en el seu sistema Netlogon CVE-2020-1472, que permeti una escalada [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":15806,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[97],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Zerologon, vulnerabilitat per als controladors de domini de Windows Server | Vunkers IT Experts | Proveedor de Servicios IT para empresas<\/title>\n<meta name=\"description\" content=\"Nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona aplicant una actualitzaci\u00f3.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/\" \/>\n<meta property=\"og:locale\" content=\"ca_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zerologon, vulnerabilitat per als controladors de domini de Windows Server | Vunkers IT Experts | Proveedor de Servicios IT para empresas\" \/>\n<meta property=\"og:description\" content=\"Nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona aplicant una actualitzaci\u00f3.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/\" \/>\n<meta property=\"og:site_name\" content=\"Vunkers IT Experts | Proveedor de Servicios IT para empresas\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/vunkersit\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-16T16:00:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-09-17T06:50:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"550\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@vunkersit\" \/>\n<meta name=\"twitter:site\" content=\"@vunkersit\" \/>\n<meta name=\"twitter:label1\" content=\"Escrit per\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Temps estimat de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minuts\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/\",\"url\":\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/\",\"name\":\"Zerologon, vulnerabilitat per als controladors de domini de Windows Server | Vunkers IT Experts | Proveedor de Servicios IT para empresas\",\"isPartOf\":{\"@id\":\"https:\/\/www.vunkers.com\/ca\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg\",\"datePublished\":\"2020-09-16T16:00:36+00:00\",\"dateModified\":\"2020-09-17T06:50:31+00:00\",\"author\":{\"@id\":\"https:\/\/www.vunkers.com\/ca\/#\/schema\/person\/cbc8f77c64e7af6bb58f356e286f9d94\"},\"description\":\"Nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona aplicant una actualitzaci\u00f3.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#breadcrumb\"},\"inLanguage\":\"ca\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ca\",\"@id\":\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#primaryimage\",\"url\":\"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg\",\"contentUrl\":\"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg\",\"width\":800,\"height\":550,\"caption\":\"Soluci\u00f3n a vulnerabilidad cr\u00edtica para los controladores de dominio de Windows\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\/\/www.vunkers.com\/ca\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zerologon, vulnerabilitat per als controladors de domini de Windows Server\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.vunkers.com\/ca\/#website\",\"url\":\"https:\/\/www.vunkers.com\/ca\/\",\"name\":\"Vunkers IT Experts | Proveedor de Servicios IT para empresas\",\"description\":\"Expertos en Ciberseguridad - Datacenter - Software - Networking - Telefon\u00eda IP - IoT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.vunkers.com\/ca\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ca\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.vunkers.com\/ca\/#\/schema\/person\/cbc8f77c64e7af6bb58f356e286f9d94\",\"name\":\"admin\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zerologon, vulnerabilitat per als controladors de domini de Windows Server | Vunkers IT Experts | Proveedor de Servicios IT para empresas","description":"Nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona aplicant una actualitzaci\u00f3.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/","og_locale":"ca_ES","og_type":"article","og_title":"Zerologon, vulnerabilitat per als controladors de domini de Windows Server | Vunkers IT Experts | Proveedor de Servicios IT para empresas","og_description":"Nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona aplicant una actualitzaci\u00f3.","og_url":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/","og_site_name":"Vunkers IT Experts | Proveedor de Servicios IT para empresas","article_publisher":"https:\/\/www.facebook.com\/vunkersit\/","article_published_time":"2020-09-16T16:00:36+00:00","article_modified_time":"2020-09-17T06:50:31+00:00","og_image":[{"width":800,"height":550,"url":"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_creator":"@vunkersit","twitter_site":"@vunkersit","twitter_misc":{"Escrit per":"admin","Temps estimat de lectura":"2 minuts"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/","url":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/","name":"Zerologon, vulnerabilitat per als controladors de domini de Windows Server | Vunkers IT Experts | Proveedor de Servicios IT para empresas","isPartOf":{"@id":"https:\/\/www.vunkers.com\/ca\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#primaryimage"},"image":{"@id":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#primaryimage"},"thumbnailUrl":"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg","datePublished":"2020-09-16T16:00:36+00:00","dateModified":"2020-09-17T06:50:31+00:00","author":{"@id":"https:\/\/www.vunkers.com\/ca\/#\/schema\/person\/cbc8f77c64e7af6bb58f356e286f9d94"},"description":"Nova vulnerabilitat cr\u00edtica que afecta els controladors de domini de Windows Server, no es soluciona aplicant una actualitzaci\u00f3.","breadcrumb":{"@id":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#breadcrumb"},"inLanguage":"ca","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/"]}]},{"@type":"ImageObject","inLanguage":"ca","@id":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#primaryimage","url":"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg","contentUrl":"https:\/\/www.vunkers.com\/wp-content\/uploads\/2020\/09\/vulneribilitat-windows-server-2020-09-blog.jpg","width":800,"height":550,"caption":"Soluci\u00f3n a vulnerabilidad cr\u00edtica para los controladores de dominio de Windows"},{"@type":"BreadcrumbList","@id":"https:\/\/www.vunkers.com\/ca\/insights-i-noticies\/seguretat-informatica\/zerologon-vulnerabilitat-per-als-controladors-de-domini-de-windows-server\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/www.vunkers.com\/ca\/"},{"@type":"ListItem","position":2,"name":"Zerologon, vulnerabilitat per als controladors de domini de Windows Server"}]},{"@type":"WebSite","@id":"https:\/\/www.vunkers.com\/ca\/#website","url":"https:\/\/www.vunkers.com\/ca\/","name":"Vunkers IT Experts | Proveedor de Servicios IT para empresas","description":"Expertos en Ciberseguridad - Datacenter - Software - Networking - Telefon\u00eda IP - IoT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.vunkers.com\/ca\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ca"},{"@type":"Person","@id":"https:\/\/www.vunkers.com\/ca\/#\/schema\/person\/cbc8f77c64e7af6bb58f356e286f9d94","name":"admin"}]}},"_links":{"self":[{"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/posts\/15812"}],"collection":[{"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/comments?post=15812"}],"version-history":[{"count":3,"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/posts\/15812\/revisions"}],"predecessor-version":[{"id":15822,"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/posts\/15812\/revisions\/15822"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/media\/15806"}],"wp:attachment":[{"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/media?parent=15812"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/categories?post=15812"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.vunkers.com\/ca\/wp-json\/wp\/v2\/tags?post=15812"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}