Netlogon Elevation
Privilege Vulnerability Patching
Alvaka Patchworx℠ is an Advanced Patch Management Solution for managed networks and controlled IT Infrastructures.
Learn more about using Patchworx℠ to patch the Netlogon Elevation of Privilege Vulnerability
Netlogon Elevation of Privilege Vulnerability (Zerologon)
Alvaka provides patching assistance for those needing to secure their systems immediately from the threat of CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability (Zerologon). This flaw in Windows Active Directory allows an attacker to gain an elevation of privilege and exploit a vulnerable Netlogon secure channel connection to a domain controller.
CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability
This is done by using the Netlogon Remote Protocol (MS-NRPC). Using this vulnerability allows an unauthenticated attacker to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Successfully exploiting this vulnerability allows a specially crafted application to run your network rendering you completely exposed to a hack.
Following Microsoft’s best practice recommendations, Alvaka will:
1. UPDATE your Domain Controllers with an update released August 11, 2020 or later.
2. FIND which devices are making vulnerable connections by monitoring event logs.
3. ADDRESS non-compliant devices making vulnerable connections.
4. ENABLE enforcement mode to address CVE-2020-1472 in your environment.
Installing updates released August 11, 2020 or later will address security issue in CVE-2020-1472 for Active Directory domains and trusts, as well as Windows devices. To fully mitigate the security issue for third-party devices all steps will need to be complete.
We are staffed 24×7 by 100% all US based engineers to assist you with this urgent need any time of day or night.
Smoke testing is a term used to describe the testing process for servers after patches are applied. 
Estimating an average time for patching servers and PCs can be a bit tricky. It can vary from one month to the next, depending upon the number and complexity of the patches released by your software vendors. You must consider all versions of operating systems and have a complete inventory of all your application software to do this job correctly. Our experience has shown that manual patching of systems takes on average of about 1.5 hours each.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.