CISA issues emergency directive for federal agencies on Windows vulnerability

The Cybersecurity and Infrastructure Security Agency today issued an emergency directive requiring civilian federal agencies to patch vulnerabilities affecting Microsoft Windows systems after determining “these vulnerabilities pose an unacceptable risk to the Federal enterprise and require an immediate and emergency action.”

CISA said, “This determination is based on the likelihood of the vulnerabilities being weaponized, combined with the widespread use of the affected software across the Executive Branch and high potential for a compromise of integrity and confidentiality of agency...