Skip to content
Netlogon Elevation
Privilege Vulnerability Patching
Alvaka Patchworx℠ is an Advanced Patch Management Solution for managed networks and controlled IT Infrastructures.
Learn more about using Patchworx℠ to patch the Netlogon Elevation of Privilege Vulnerability
Netlogon Elevation of Privilege Vulnerability (Zerologon)
Alvaka provides patching assistance for those needing to secure their systems immediately from the threat of CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability (Zerologon). This flaw in Windows Active Directory allows an attacker to gain an elevation of privilege and exploit a vulnerable Netlogon secure channel connection to a domain controller.
CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability
This is done by using the Netlogon Remote Protocol (MS-NRPC). Using this vulnerability allows an unauthenticated attacker to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Successfully exploiting this vulnerability allows a specially crafted application to run your network rendering you completely exposed to a hack.
Following Microsoft’s best practice recommendations, Alvaka will:
1. UPDATE your Domain Controllers with an update released August 11, 2020 or later.
2. FIND which devices are making vulnerable connections by monitoring event logs.
3. ADDRESS non-compliant devices making vulnerable connections.
4. ENABLE enforcement mode to address CVE-2020-1472 in your environment.
Installing updates released August 11, 2020 or later will address security issue in CVE-2020-1472 for Active Directory domains and trusts, as well as Windows devices. To fully mitigate the security issue for third-party devices all steps will need to be complete.
We are staffed 24×7 by 100% all US based engineers to assist you with this urgent need any time of day or night.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a type of software testing performed by Alvaka after a software patching sequence to ensure that the system is working correctly and to identify any misconfigurations or conflicts within the patched system.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a term used to describe the testing process for servers after patches are applied.