NOTLogon vulnerability
Microsoft additionally issued a patch for CVE-2025-47978, a denial-of-service (DoS) vulnerability in Microsoft’s Netlogon protocol, a core element of all Home windows area controllers. The opening has been dubbed NOTLogon by Dor Segal, senior security researcher at Silverfort, who found it. The vulnerability permits any domain-joined machine with minimal privileges to ship a specifically crafted authentication request that can crash a website controller and trigger a full reboot. It has a CVSS rating of 6.5.
“Even low-privilege machines with primary community entry can pose main dangers if left unchecked,” Segal stated in a weblog. “This vulnerability reveals how solely a sound machine account and a crafted RPC message can carry down a website controller — the spine of Energetic Listing operations like authentication, authorization, coverage enforcement, and extra. If a number of area controllers are affected, it may possibly carry enterprise to a halt. NOTLogon is a reminder that new protocol options — particularly in privileged authentication providers — can turn into assault surfaces in a single day. Staying safe isn’t solely about making use of patches — it’s about analyzing the foundational techniques we depend on every single day.”
Lastly, Tenable’s Satnam Narang, senior employees analysis engineer, stated CSOs ought to be taking note of fixing the not too long ago revealed Citrix NetScaler vulnerabilities, particularly CVE-2025-5777, also referred to as CitrixBleed 2. “It’s strikingly just like the unique CitrixBleed,” he stated to CSO in an e-mail, “the place attackers are in a position to steal session tokens from NetScaler techniques and use them to achieve entry to networks, even when patches have been utilized. There are studies that exploitation of CitrixBleed 2 goes again to mid-June, so organizations that make the most of NetScaler ought to be reviewing logs for fast a succession of suspicious requests and identified indicators of compromise, and most significantly, invalidate session tokens to stop follow-on exercise.”
