Microsoft has added support for Zerologon exploitation detection to Microsoft Defender for Identity. Security Operations teams will be able to detect on-premises attacks attempting to abuse this critical vulnerability. Microsoft warned that both state-backed and financially motivated threat actors are actively exploiting systems unpatched against the ZeroLogon vulnerability. The company urged IT admins to apply security updates issued as part of the August 2020 Patch Tuesday to secure their networks against incoming attacks leveraging publicly available Zero Logon exploits. Microsoft is still in the process of rolling out the fix for the vulnerability as a two-stage process.
Source: https://www.bleepingcomputer.com/news/security/microsoft-defender-for-identity-now-detects-zerologon-attacks/