Microsoft will enforce domain controller settings within Active Directory to block connections that could exploit the Zerologon vulnerability in Windows Server. The vulnerability affects Windows Server’s Netlogon Remote Protocol, or MS-NRPC. Microsoft issued a patch for the vulnerability in August 2020, but it’s not clear if all customers have applied it to their networks. Security experts say Microsoft is taking the right step to ensure that customers’ networks remain safe even if they haven’t applied the patch. Microsoft: “This will block vulnerable connections from non-compliant devices””]
Source: https://www.cuinfosecurity.com/microsoft-taking-additional-steps-to-address-zerologon-flaw-a-15796