U.S. Cybersecurity and Infrastructure Security Agency s emergency directive for federal agencies to patch against the so-called Zerologon vulnerability. The bug is located in a core authentication component of Active Directory within the Windows Server OS and the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) Microsoft released a patch for the vulnerability (CVE-2020-1472) as part of its August 11, 2020 Patch Tuesday security updates. The directive requires security teams at those affected federal civilian and executive branch departments to update all Windows Servers with the domain controller role by midnight EDT Sept. 21.
Source: https://threatpost.com/dire-patch-warning-zerologon/159404/