Beware of Zerologon Vulnerabilities in Windows Server

From securityboulevard.com

Zerologon

Netlogon allows the domain controller to authenticate computers and update passwords in the Active Directory. This feature is particularly vulnerable to this flaw because it allows hackers to impersonate any computer in the company’s network and change the password, even with two-factor authentication. Using Netlogon, hackers are able to change the domain controller’s password, gaining administrative access and taking control of the network.

Read more…