Microsoft is allegedly pushing a domain controller “enforcement mode” by default to help mitigate the threat posed by the critical Zerologon flaw. Microsoft is aiming to force all companies to update their systems and address the flaw, as it represents a severe security risk to businesses, agencies, and organizations. Microsoft will soon implement a feature that blocks vulnerable connections on devices susceptible to the flaw.
The feature will roll out on February 9 of this year. According to Microsoft, Active Directory domain controllers are a key feature in the Zerologon vulnerability. These aspects respond to authentication requests and verify users, however, the Zerologon flaw allows for unauthenticated attackers to bypass and compromise all Active Directory identity services.
Read More: Microsoft Implements Windows Zerologon Flaw ‘Enforcement Mode’