netlogon
Safeguard articles tagged "netlogon" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Zerologon: The Netlogon Cryptographic Flaw (CVE-2020-1472) Explained
CVE-2020-1472 let an unauthenticated attacker seize a domain controller in seconds by exploiting an all-zero AES-CFB8 initialization vector. Here's the real mechanism and the fix.
CVE-2026-41089: The Unauthenticated Netlogon RCE That Owns Your Domain Controller
CVE-2026-41089 is a CVSS 9.8 unauthenticated remote code execution flaw in Windows Netlogon: an integer overflow in MS-NRPC handshake parsing leads to a stack overflow on domain controllers, with no credentials or user interaction required.
Microsoft May 2026 Patch Tuesday: No Zero-Days, but Two CVSS 9.8 Wormable RCEs
Microsoft's May 2026 Patch Tuesday shipped without a single exploited zero-day for the first time since June 2024, but it still carried two unauthenticated CVSS 9.8 remote code execution bugs in core Windows services that every domain should treat as emergency patches.