To learn more about the vulnerability, see CVE-2020-1472.
Take Action
To protect your environment and prevent outages, you must do the following:
UPDATE your Domain Controllers with an update released August 11, 2020 or later.
FIND which devices are making vulnerable connections by monitoring event logs.
ADDRESS non-compliant devices making vulnerable connections.
ENABLE enforcement mode to address CVE-2020-1472 in your environment.
Note Step 1 of installing updates released August 11, 2020 or later will address security issue in CVE-2020-1472 for Active Directory domains and trusts, as well as Windows devices. To fully mitigate the security issue for third-party devices, you will need to complete all the steps.
Warning Starting February 2021, enforcement mode will be enabled on all Windows Domain Controllers and will block vulnerable connections from non-compliant devices. At that time, you will not be able to disable enforcement mode.
reference:https://support.microsoft.com/en-us/help/4557222/how-to-manage-the-changes-in-netlogon-secure-channel-connections-assoc
Hope this information can help you
Best wishes
Vicky