Microsoft published information regarding a vulnerability related to Netlogon and elevation of privilege, which is covered by CVE-2020-1472.
The patches highlighted there are the standard monthly patches (monthly rollups, security-only bundles, cumulative updates, etc.), but according to the FAQ section of the CVE page, there are additional steps required to protect from the vulnerability.
The impact of this patch is that shares can not be accessed from their IP, only with hostname with some limitations.
1. Check DNS record
- From Windows go to DNS Manager and check the "Forward Lookup Zones" for your domain. If you have an entry with the hostname assigned to the IP it is fine, if its not assigned, you have to generate a new entry.
2. Modify Local Group Policy
Microsoft made this update in August 2020 and it was enforced in February 2021.
To allow again access a modification in the Local Group Policy must be done.
- Search for gpedit.msc
- Go to Computer Management > Windows Settings > Security Settings > Local Policies > Security Options
- Search for "Domain Controller: Allow vulnerable Netlogon secure channel connections".
- Right click and choose Properties.
- Edit Security and click Add...
- Modify Object Types and search only for Computers
- To finish this workaround you have to insert for you hostname and Check Names and press OK
This procedure should be applied for every Syneto machine where SMB shares are stored. Also this procedure can be applied for versions 2012, 2016 and 2019 of Windows Server.