Security News > 2020 > September > US Cybersecurity agency issues super-rare Emergency Directive to patch Windows Server flaw ASAP
Uncle Sam's Cybersecurity and Infrastructure Security Agency has taken the unusual step of issuing an emergency directive that gives US government agencies a four-day deadline to roll out a Windows Server patch.
The directive, issued on September 18, demanded that executive agencies to take "Immediate and emergency action" to patch CVE-2020-1472, the CVSS-perfect-ten-rated flaw that Dutch security outfit Secura BV said allows attackers to instantly become domain admin by subverting Microsoft's Netlogon cryptography.
CISA has directed executive agencies to apply the patch by September 21, as well as strongly urging state and local government agencies, the private sector, and members of the public to update as soon as possible.
"We do not issue emergency directives unless we have carefully and collaboratively assessed it to be necessary," the agency warned.
US government agencies need the firmest possible prod to get it done.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/09/21/cisa_zerologon_emergency_directive/
Related news
- 'Patch yesterday': Zimbra mail servers under siege through RCE vuln (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Microsoft confirms Windows Server 2025 blue screen, install issues (source)
- Windows Server 2025 released—here are the new features (source)
- November 2024 Patch Tuesday forecast: New servers arrive early (source)
- Microsoft blames Windows Server 2025 automatic upgrades on 3rd-party tools (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1472 | Use of Insufficiently Random Values vulnerability in multiple products An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). | 0.0 |