Many system administrators hold that unless a software update specifically fixes security vulnerabilities, it should not be installed immediately after release. This is especially true of Windows updates. However, users are advised to install the cumulative update released on Patch Tuesday in August as soon as possible, because it fixes a serious security vulnerability known as Zerologon.
Although the vulnerability has a CVSS score of 10, its details have never been disclosed, which means that users and IT administrators have not realized how serious it is.
Netlogon is an important functional component of Windows. It authenticates users and machines on the network within a domain and replicates the database for domain controller backup. It is also used to maintain the relationships between domain members and the domain, between domains and their domain controllers (DCs), and between a domain's DCs and DCs in other domains.
By forging an authentication token for a specific Netlogon function, an attacker can call a function that sets the computer password of the domain controller to a known value. The attacker can then use this new password to take control of the domain controller and steal the credentials of a domain administrator.
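A defender-side check for the outcome described above, as an added example that is not part of the original article: it scans exported Security-log records for a domain controller machine-account password change (event 4742, "A computer account was changed") whose caller was ANONYMOUS LOGON. Field names follow the standard 4742 event; the DC account list, host names and sample records are constructed assumptions.

```python
"""Flag DC machine-account password resets performed by an unauthenticated caller."""

ANONYMOUS_SID = "S-1-5-7"  # well-known SID for ANONYMOUS LOGON

# Constructed sample records shaped like exported event data; all names are made up.
SAMPLE_EVENTS = [
    # DC password changed by an anonymous caller: the pattern to alert on.
    {"EventID": 4742, "Computer": "dc01.example.test", "TargetUserName": "DC01$",
     "SubjectUserSid": "S-1-5-7", "SubjectUserName": "ANONYMOUS LOGON",
     "PasswordLastSet": "8/20/2020 3:14:07 AM"},
    # Routine machine-password rotation performed by SYSTEM.
    {"EventID": 4742, "Computer": "dc01.example.test", "TargetUserName": "DC01$",
     "SubjectUserSid": "S-1-5-18", "SubjectUserName": "SYSTEM",
     "PasswordLastSet": "7/21/2020 1:00:00 AM"},
    # Attribute change with no password change ("-" means unchanged in 4742).
    {"EventID": 4742, "Computer": "dc02.example.test", "TargetUserName": "DC02$",
     "SubjectUserSid": "S-1-5-7", "SubjectUserName": "ANONYMOUS LOGON",
     "PasswordLastSet": "-"},
    # Unrelated logon event.
    {"EventID": 4624, "Computer": "dc01.example.test", "TargetUserName": "alice"},
]


def suspicious_dc_password_resets(events, dc_accounts):
    """Return 4742 events where a DC account's password was set anonymously."""
    dcs = {name.upper() for name in dc_accounts}
    hits = []
    for ev in events:
        if str(ev.get("EventID")) != "4742":
            continue
        if str(ev.get("TargetUserName", "")).upper() not in dcs:
            continue  # not a domain controller machine account
        if ev.get("PasswordLastSet") in (None, "", "-"):
            continue  # account changed, but the password did not
        anonymous = (ev.get("SubjectUserSid") == ANONYMOUS_SID
                     or str(ev.get("SubjectUserName", "")).upper() == "ANONYMOUS LOGON")
        if anonymous:
            hits.append(ev)
    return hits


if __name__ == "__main__":
    # The DC account list is an assumption; in practice take it from your directory.
    for ev in suspicious_dc_password_resets(SAMPLE_EVENTS, ["DC01$", "DC02$"]):
        print(f"ALERT {ev['Computer']}: {ev['TargetUserName']} password set by "
              f"{ev['SubjectUserName']} at {ev['PasswordLastSet']}")
```

A hit means the DC's machine password may no longer match what the DC itself holds, so treat it as an incident rather than a routine change.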