Privilege Vulnerability Patching
Alvaka Networks Patchworx℠ is an Advanced Patch Management Solution for managed networks and controlled IT Infrastructures.
Learn more about using Patchworx℠ to patch the Netlogon Elevation of Privilege Vulnerability
Netlogon Elevation of Privilege Vulnerability (Zerologon)
Alvaka Networks provides patching assistance for those needing to secure their systems immediately from the threat of CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability (Zerologon). This flaw in Windows Active Directory allows an attacker to gain an elevation of privilege and exploit a vulnerable Netlogon secure channel connection to a domain controller.
This is done by using the Netlogon Remote Protocol (MS-NRPC). Using this vulnerability allows an unauthenticated attacker to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Successfully exploiting this vulnerability allows a specially crafted application to run your network rendering you completely exposed to a hack.
Following Microsoft’s best practice recommendations, Alvaka Networks will:
- UPDATE your Domain Controllers with an update released August 11, 2020 or later.
- FIND which devices are making vulnerable connections by monitoring event logs.
- ADDRESS non-compliant devices making vulnerable connections.
- ENABLE enforcement mode to address CVE-2020-1472 in your environment.
Installing updates released August 11, 2020 or later will address security issue in CVE-2020-1472 for Active Directory domains and trusts, as well as Windows devices. To fully mitigate the security issue for third-party devices all steps will need to be complete.
We are staffed 24×7 by 100% all US based engineers to assist you with this urgent need any time of day or night.