The race is on. Microsoft has released a software update to Windows server operating systems that must be implemented as soon as possible, an emergency directive from the Cybersecurity and Infrastructure Security Agency stated.
The update, released on July 14, a “Patch Tuesday,” addresses a vulnerability that could give unauthorized users the ability “to run arbitrary code in the context of the Local System Account” by sending malicious requests to a Windows DNS server.
The directive instructs agencies to at least apply a “workaround” if they need to buy time but to do it by 2 p.m. Eastern Standard Time on July 17. CISA requires an initial status report Mon., July 20 and a completion report due Fri., July 24.
“CISA has determined that this vulnerability poses unacceptable significant risk to the Federal Civilian Executive Branch and requires an immediate and emergency action,” the directive reads. “This determination is based on the likelihood of the vulnerability being exploited, the widespread use of the affected software across the Federal enterprise, the high potential for a compromise of agency information systems, and the grave impact of a successful compromise.”
In a blog post on the directive, CISA Director Christopher Krebs noted this is only the third time “I have found it urgent enough to take this type of action and issue an Emergency Directive.”
According to the directive, it’s possible for malicious actors to reverse engineer a publicly available patch to expose underlying vulnerabilities. The technical ways to mitigate the vulnerability are via software update, or registry modification.
The registry modification is the workaround that must be completed Friday, if patching isn’t poss ..
Support the originator by clicking the read the rest link below.
