The U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) doesn’t issue emergency directives unless there’s a serious cause for concern.
There is a vulnerability that could enable an attacker with network access to gain admin status by sending a string of zeros using the Windows Netlogon protocol. A vulnerability that, CISA said, must be assumed as being actively exploited in the wild.
Government agencies have until midnight tonight, Monday, September 21, to get their patching in order.
While this directive applies to executive branch departments and agencies, the CISA also “strongly recommends” that not only should local and state governments patch this critical vulnerability as a matter of urgency, but also the private sector.
Read more on the Emergency Directive on Microsoft Windows Netlogon Remote Protocol here.