From 4fbb0f202634f133e4d05ec30082d5c3c034000d Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Wed, 24 Feb 2021 16:36:53 -0500
Subject: [PATCH] ui: add machine-related recommendation for Zerologon to
 security report

---
 .../report-components/SecurityReport.js       | 21 +++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
index 1d6072ece..8a27cc7cc 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
@@ -892,6 +892,24 @@ class ReportPageComponent extends AuthComponent {
     );
   }
 
+  generateZerologonIssue(issue) {
+    return (
+      <>
+        Install Windows security updates.
+        <CollapsibleWellComponent>
+          The machine <span className="badge badge-primary">{issue.machine}</span> (<span
+          className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}</span>) is vulnerable to a <span
+          className="badge badge-danger">Zerologon exploit</span>.
+          <br/>
+          The attack was possible because the latest security updates from Microsoft
+          have not been applied to this machine. For more information about this
+          vulnerability, read <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472">
+          Microsoft's documentation.</a>
+        </CollapsibleWellComponent>
+      </>
+    );
+  }
+
   generateIssue = (issue) => {
     let issueData;
     switch (issue.type) {
@@ -964,6 +982,9 @@ class ReportPageComponent extends AuthComponent {
       case 'drupal':
         issueData = this.generateDrupalIssue(issue);
         break;
+      case 'zerologon':
+        issueData = this.generateZerologonIssue(issue);
+        break;
     }
     return <li key={JSON.stringify(issue)}>{issueData}</li>;
   };