A critical unauthenticated RCE in the Windows Netlogon service is under active exploitation, with domain controllers as the confirmed primary target. Successful exploitation enables arbitrary code execution on DCs and realistic full domain compromise. This is the highest organizational risk item in this rollup and warrants emergency patch procedures.