Security News > 2021 > January > Microsoft warns of incoming Windows Zerologon patch enforcement
Microsoft today warned admins that updates addressing the Windows Zerologon vulnerability will transition into the enforcement phase starting next month.
"DC enforcement mode requires that all Windows and non-Windows devices use secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the non-compliant device."
The patch released as part of the August 2020 Patch Tuesday updates enables secure Remote Procedure Call communication for machine accounts on Windows devices, trust accounts, as well as all Windows and non-Windows Domain Controllers.
Soon after the news about a Zerologon fix was published in August 2020, researchers published proof-of-concept ZeroLogon exploits allowing attackers to easily gain administrative access to a domain controller.
With public exploits released, Microsoft warned that threat actors quickly adopted them and started exploiting ZeroLogon in attacks.
One month later, Microsoft also added support for Zerologon exploitation detection to Microsoft Defender for Identity making it possible for security teams to detect on-premises attacks trying to abuse this critical vulnerability.
News URL
Related news
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft: Windows 11 22H2 reaches end of support in 60 days (source)
- Microsoft is killing the Windows Paint 3D app after 8 years (source)
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Microsoft retires Windows updates causing 0x80070643 errors (source)
- Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now (source)
- Microsoft removes FAT32 partition size limit in Windows 11 (source)
- Microsoft to rollout Windows Recall to Insiders in October (source)
- Microsoft to roll out Windows Recall to Insiders in October (source)