Security News > 2021 > January > Microsoft warns of incoming Windows Zerologon patch enforcement

Microsoft today warned admins that updates addressing the Windows Zerologon vulnerability will transition into the enforcement phase starting next month.
"DC enforcement mode requires that all Windows and non-Windows devices use secure RPC with Netlogon secure channel unless customers have explicitly allowed the account to be vulnerable by adding an exception for the non-compliant device."
The patch released as part of the August 2020 Patch Tuesday updates enables secure Remote Procedure Call communication for machine accounts on Windows devices, trust accounts, as well as all Windows and non-Windows Domain Controllers.
Soon after the news about a Zerologon fix was published in August 2020, researchers published proof-of-concept ZeroLogon exploits allowing attackers to easily gain administrative access to a domain controller.
With public exploits released, Microsoft warned that threat actors quickly adopted them and started exploiting ZeroLogon in attacks.
One month later, Microsoft also added support for Zerologon exploitation detection to Microsoft Defender for Identity making it possible for security teams to detect on-premises attacks trying to abuse this critical vulnerability.
News URL
Related news
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Microsoft to remove the Location History feature in Windows (source)
- Microsoft testing fix for Windows 11 bug breaking SSH connections (source)
- Microsoft launches ad-supported Office apps for Windows users (source)