On Friday 11th August Microsoft announced a phased two-part security update to address a recently identified vulnerability affecting Netlogon. The first stage of the update is underway, with the second phase expected in Q1 2021. Whilst Microsoft has known about the vulnerability since August, a Proof of Concept exploit has just been released, increasing the likelihood of the vulnerability being exploited. What’s the vulnerability? CVE-2020-1472 is an elevation of privilege vulnerability which, if exploited, could allow an attacker unauthorised administrator access to your network. The threat is present when an attacker attempts to connect to an Active Directory Server (also known as a Domain Controller) using the Netlogon Remote Protocol (MS-NRPC). Microsoft have given the vulnerability…