In its August 2020 Patch Tuesday release, Microsoft disclosed details of CVE-2020-1472, a privilege escalation vulnerability in the Netlogon Remote Protocol. If successfully exploited, this vulnerability would allow an attacker on a networked host to run a specially crafted payload against a domain controller and obtain domain administrator access. Security researchers have released several proof-of-concept scripts that can successfully exploit this vulnerability.
Various Sophos products can mitigate the vulnerability using IPS. There is no action required for Sophos customers as IPS signatures are automatically deployed.
Sophos MTR customers have already been advised of this issue. The Sophos MTR team is monitoring for ongoing activity and for network attempts to exploit this vulnerability.
Sophos recommends that customers follow Microsoft's recommendation and apply the official August 2020 patch.
These products are currently in Early Access.