Share via

Azure AD - CVE-2020-1472 Netlogon Elevation of Privilege Vulnerability

Mike Kauspedas 21 Reputation points
2020-10-02T16:09:15.84+00:00

Can I safely assume Microsoft is going to handle the domain controller updates for domains completely managed by Azure AD? We have domain services enabled but no access to the domain controllers themselves. So I cannot monitor for the event ID's or apply the updates (except to my own domain joined devices).

For ref:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,008 questions
0 comments
Accepted answer
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,461 Reputation points
    2020-10-02T17:11:32.84+00:00

    Yes you can. Please take a look to How are Windows Updates applied in Azure AD Domain Services?

    --
    Please let us know if this answer was helpful to you. If so, please remember to mark it as the answer so that others in the community with similar questions can more easily find a solution.

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.