Microsoft has Announced that they got a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol vulnerability could allow an attacker to spoof a domain controller account that could be used to steal domain credentials and take over the domain.
They Already addressed this same issue in Security Updates August 11,2020.
Once User fully deployed the August 11, 2020 Update, Active Directory domain controller and trust accounts will be protected alongside Windows domain-joined machine accounts.
Microsoft Encourage users to do both apply the update and follow the original guidance as described in KB4557222 to ensure they are fully protected from this vulnerability.
Organizations that deploy Microsoft Defender For Identify (previously Azure Advanced Threat Protection) or Microsoft 365 Defender (previously Microsoft Threat Protection) are able to detect issues they try to exploit this specific vulnerability against their domain controllers.
Leave a Comment
You must be logged in to post a comment.