-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
How do I scan for Zerologon vulnerability?
To check if your Windows Operating System (OS) is affected by the Zelologon vulnerability you must run an authenticated network scan using the product System & Network Scanning.
You will find detailed information about setting up your authenticated scanning profile in this article:
https://support.holmsecurity.com/hc/en-us/articles/212841809
If your system is vulnerable to Zerologon, you will find one of the following HIDs in your generated scan report, depending on your Windows OS:
- HID-2-1-041726
Microsoft Windows Server 2012. - HID-2-1-041725
Microsoft Windows 8.1 for 32-bit/x64-based systems
Microsoft Windows Server 2012 R2 - HID-2-1-041724
Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1
Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 - HID-2-1-041723
Microsoft Windows 10 Version 1903 for 32-bit/x64-based Systems
Microsoft Windows 10 Version 1909 for 32-bit/x64-based Systems - HID-2-1-041720
Microsoft Windows 10 Version 1809 for 32-bit Systems
Microsoft Windows 10 Version 1809 for x64-based Systems
Microsoft Windows Server 2019 - HID-2-1-041729
Microsoft Windows 10 Version 1607 x32/x64
Microsoft Windows Server 2016 - HID-2-1-041727
Microsoft Windows 10 Version 2004 for 32-bit Systems
Microsoft Windows 10 Version 2004 for x64-based Systems
To scan for only Zerologon use the following scan configuration. You select the HID depending on your Windows OS.
