The patch was released as part of the software firm's monthly release of software updates to fix vulnerabilities in its products; a total of 56 fixes were issued on Tuesday.
The Zerologon flaw is present in Microsoft Windows Netlogon Remote Protocol, a core authentication component of Active Directory.
It allows an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services.
"When you consider that Zerologon led the US Government to issue an Emergency Directive to all federal agencies to promptly apply the patches for this vulnerability, you start to understand the gravity of the situation.
"Zerologon provides attackers a reliable way to move laterally once inside a network, giving them the ability to impersonate systems, alter passwords, and gain control over the proverbial keys to the kingdom via the domain controller itself.
"For these reasons, Zerologon has been rolled into attacker playbooks, becoming a feather in the cap for post-compromise activity. We've also seen reports of Zerologon being favoured by ransomware groups like Ryuk during their campaigns.
"With this second phase being completed, organisations that have yet to patch Zerologon need to do so immediately."