Summary
The Center for Cybersecurity Belgium is warning of an actively exploited zero-click RCE vulnerability in Windows Netlogon (CVE-2026-41089) that allows unauthenticated attackers to gain SYSTEM-level access to domain controllers.
Take Action:
Update your Windows domain controllers ASAP. This flaw is already being used by attackers to take over entire networks. If you cannot patch today, use firewalls to limit which devices can talk to your domain controllers over the Netlogon service.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)