check before: 2021-02-28
Product:
Azure Advanced Threat Protection, Defender, Defender for Identity, Microsoft Defender for Identity
Platform:
Online, Web, World tenant
Status:
Launched
Change type:
New feature, Admin impact
Links:
Details:
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller using the Netlogon Remote Protocol, also known as Netlogon Elevation of Privilege Vulnerability. Defender for Identity already has a detection for this, but this improvement adds capabilities to determine potential encryption and null source account logic detection to the alert, improving accuracy and potential for false positives.
Change Category:
XXXXXXX ...
Scope:
XXXXXXX ...
Release Phase:
General Availability
Created:
2020-11-24
updated:
2021-10-14
the free basic plan is required to see all details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 12 months ago