| Description: | An elevation of privilege vulnerability exists when an attacker
establishes a vulnerable Netlogon secure channel connection to a
domain controller, using the Netlogon Remote Protocol (MS-NRPC). An
attacker who successfully exploited the vulnerability could run a
specially crafted application on a device on the network. To exploit
the vulnerability, an unauthenticated attacker would be required to
use MS-NRPC to connect to a domain controller to obtain domain
administrator access. Microsoft is addressing the vulnerability in a
phased two-part rollout. These updates address the vulnerability by
modifying how Netlogon handles the usage of Netlogon secure channels.
For guidelines on how to manage the changes required for this
vulnerability and more information on the phased rollout, see How to
manage the changes in Netlogon secure channel connections associated
with CVE-2020-1472 (updated September 28, 2020). When the second phase
of Windows updates become available in Q1 2021, customers will be
notified via a revision to this security vulnerability. If you wish to
be notified when these updates are released, we recommend that you
register for the security notifications mailer to be alerted of
content changes to this advisory. See Microsoft Technical Security
Notifications.
|
