Microsoft issues updated instructions on how to fix a vulnerability called Zerologon in Windows Server. Cisco Talos researchers report a spike in attempts to exploit the flaw. The vulnerability stems from a flaw in a cryptographic authentication scheme used by the Netlogon Remote Protocol. The U.S. Cybersecurity and Infrastructure Security Agency issued a warning on Thursday that it was detecting attacks on unpatched systems. Microsoft issued the first phase of the patch on Aug. 11 to partially mitigate the vulnerability. It plans to issue a second patch Feb. 9, 2021.”]
Source: https://www.cuinfosecurity.com/microsoft-issues-updated-patching-directions-for-zerologon-a-15090