By Egon Rinderer Dec 15, 2020 Zerologon is one of the most significant vulnerabilities to surface in a long time. Earlier this year, the Cybersecurity and Infrastructure Security Agency (CISA) released a notice stating the Zerologon vulnerability poses an “unacceptable risk” to the federal civilian executive branch, and required that all federal agencies “immediately apply the Windows Server August 2020 security update” or disconnect from federal networks. Zerologon allows devices to authenticate to the domain controller and update their password in the Active Directory (AD). Zerologon can maintain relationships between members of domains and the DC, or between many DCs across one or many domains, and replicate the DC database. Microsoft released the software update Netlogon EoP to mitigate a critical vulnerability in the Windows Netlogon Remote Protocol server interface. This was the first update in a phased rollout expected to conclude February 2021.