Privilege Vulnerability Patching
Alvaka Patchworx℠ is an Advanced Patch Management Solution for managed networks and controlled IT Infrastructures.
Learn more about using Patchworx℠ to patch the Netlogon Elevation of Privilege Vulnerability
Netlogon Elevation of Privilege Vulnerability (Zerologon)
Alvaka provides patching assistance for those needing to secure their systems immediately from the threat of CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability (Zerologon). This flaw in Windows Active Directory allows an attacker to gain an elevation of privilege and exploit a vulnerable Netlogon secure channel connection to a domain controller.
This is done by using the Netlogon Remote Protocol (MS-NRPC). Using this vulnerability allows an unauthenticated attacker to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Successfully exploiting this vulnerability allows a specially crafted application to run your network rendering you completely exposed to a hack.
Following Microsoft’s best practice recommendations, Alvaka will:
1. UPDATE your Domain Controllers with an update released August 11, 2020 or later.
2. FIND which devices are making vulnerable connections by monitoring event logs.
3. ADDRESS non-compliant devices making vulnerable connections.
4. ENABLE enforcement mode to address CVE-2020-1472 in your environment.
Installing updates released August 11, 2020 or later will address security issue in CVE-2020-1472 for Active Directory domains and trusts, as well as Windows devices. To fully mitigate the security issue for third-party devices all steps will need to be complete.
We are staffed 24×7 by 100% all US based engineers to assist you with this urgent need any time of day or night.