
25 Sep, 2020

Security Update: The US Cybersecurity and Infrastructure Agency Issues an Emergency Directive

Risk Summary

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) has released Emergency Directive (ED) 20-04 addressing a critical vulnerability, CVE-2020-1472, affecting the Microsoft Windows Netlogon Remote Protocol. An unauthenticated attacker with network access could exploit this vulnerability to compromise identity services on domain controller servers that permit network access.

CISA has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires immediate emergency action: Federal government departments and agencies must apply the Microsoft-released patch to mitigate the vulnerability. CISA also strongly recommends that state and local governments, the private sector, and others patch this critical vulnerability as soon as possible.

Regulatory Impact

Federal banking regulators may provide guidance to regulated financial institutions in the coming days regarding the CISA directive.

Action Taken by BankOnIT

The August 2020 Microsoft Security Update patch mitigates this exploit. BankOnIT previously applied this update to affected servers on BankOnIT’s network and on BankOnIT-managed client financial institution servers. This patch, along with every patch BankOnIT manages, is documented in each BankOnIT Client Management Console patch management report.

Action Required by Your Financial Institution

BankOnIT strongly encourages client institutions to document a response to this vulnerability by reviewing and retaining this Security Update and including it in your institution’s regular Information Technology Committee Meeting minutes or other reporting structure the bank has for Information Technology. Additionally, management and board reporting provided in BankOnIT’s Client Management Console should continue to be part of the information provided to IT committee meetings and board meetings.

Additional Resources

For more information and technical details about this critical vulnerability, see the following sites:

US Cybersecurity & Infrastructure Agency - CISA Releases Emergency Directive on Microsoft Windows Netlogon Remote Protocol

US Department of Homeland Security - Mitigate Netlogon Elevation of Privilege Vulnerability from August 2020 Patch Tuesday

Microsoft - Netlogon Elevation of Privilege Vulnerability


Disclaimer

This publication attempts to provide timely and accurate information concerning the subjects discussed. It is furnished with the understanding that it does not provide legal or other professional services. If legal or other expert assistance is required, the services of a qualified professional should be obtained.
