Are your domain controllers safe from Zerologon attacks?

CVE-2020-1472, a privilege elevation vulnerability in the Netlogon Remote Protocol (MS-NRPC) for which Microsoft released a patch in August, has just become a huge liability for organizations that are struggling with timely patching. Secura researchers – the very same ones who found and disclosed the flaw to Microsoft – have published additional technical details on Monday, and just a few hours later several PoC exploit/tools have been published on GitHub.

Read full article on Help Net Security