Threat attackers continue to exploit the Microsoft Zerologon vulnerability, a bug tracked as CVE-2020-1472. The bug is located in a core authentication component of Active Directory within the Windows Server OS and the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) The U.S. Department of Homeland Security issued a statement of its own Thursday warning organizations about continued exploit of the bug. The agency even has released a patch validation script to detect unpatched Microsoft domain controllers to help administers install the update.
Source: https://threatpost.com/microsoft-warns-zerologon-bug/160769/