A critical Windows Netlogon vulnerability (CVE-2026-41089) is being actively exploited in the wild, putting unpatched domain controllers at serious risk. Attackers need only network access to trigger the flaw — no authentication, no user interaction required — allowing full SYSTEM-level code execution and potential domain takeover.
Microsoft patched it in May 2026's Patch Tuesday update, alongside 15 other critical flaws. Belgium's Center for Cybersecurity has flagged it as a top-priority emergency fix. Security teams should patch domain controllers immediately, tighten network segmentation, and monitor for suspicious Netlogon traffic and unexpected admin account creation.
Source: Cybersecurity News