Security News > 2020 > September > US Cybersecurity agency issues super-rare Emergency Directive to patch Windows Server flaw ASAP
Uncle Sam's Cybersecurity and Infrastructure Security Agency has taken the unusual step of issuing an emergency directive that gives US government agencies a four-day deadline to roll out a Windows Server patch.
The directive, issued on September 18, demanded that executive agencies to take "Immediate and emergency action" to patch CVE-2020-1472, the CVSS-perfect-ten-rated flaw that Dutch security outfit Secura BV said allows attackers to instantly become domain admin by subverting Microsoft's Netlogon cryptography.
CISA has directed executive agencies to apply the patch by September 21, as well as strongly urging state and local government agencies, the private sector, and members of the public to update as soon as possible.
"We do not issue emergency directives unless we have carefully and collaboratively assessed it to be necessary," the agency warned.
US government agencies need the firmest possible prod to get it done.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/09/21/cisa_zerologon_emergency_directive/
Related news
- Week in review: Tips for starting your cybersecurity career, Patch Tuesday forecast (source)
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now (source)
- You probably want to patch this critical GitHub Enterprise Server bug now (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- US sues Georgia Tech over alleged cybersecurity failings as a Pentagon contractor (source)
- Employee arrested for locking Windows admins out of 254 servers in extortion plot (source)
- To patch this server, we need to get someone drunk (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Windows Server 2025 previews security updates without restarts (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1472 | Use of Insufficiently Random Values vulnerability in multiple products An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). | 5.5 |