CISA orders agencies to patch Windows, iOS bugs used in attacks

2022-09-14 16:48

CISA added two new vulnerabilities to its list of security bugs exploited in the wild today, including a Windows privilege escalation vulnerability and an arbitrary code execution flaw affecting iPhones and Macs.

Apple also patched the arbitrary code execution vulnerability on Monday and confirmed that it was exploited in attacks as a zero-day bug in the iOS and macOS kernel.

A binding operational directive issued in November 2021 says that all Federal Civilian Executive Branch Agencies agencies have to secure their networks against bugs added to CISA'sCISA's catalog of Known Exploited Vulnerabilities.

CISA has given Federal Civilian Executive Branch Agencies agencies three weeks, until October 10th, to address these two security flaws and block attacks that could target their systems.

"These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise," CISA warned today.

Since BOD 22-01 was issued, CISA has added over 800 security flaws to the catalog of bugs exploited in the wild, requiring federal agencies to address them on a tighter schedule to block attacks and potential security breaches.

News URL

https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-windows-ios-bugs-used-in-attacks/

#attack #cisa #IOS #patch #windows

News URL

Related news