Microsoft has received a small number of reports from customers and others about continued activity exploiting a vulnerability affecting the Netlogon protocol (CVE-2020-1472) The vulnerability could allow an attacker to spoof a domain controller account that could be used to steal domain credentials and take over the domain. We strongly encourage anyone who has not applied the update to take this step now. Customers need to both apply the update and follow the original guidance as described in KB4557222 to ensure they are fully protected from this vulnerability.”]
Source: https://msrc-blog.microsoft.com/2020/10/29/attacks-exploiting-netlogon-vulnerability-cve-2020-1472/