Emergency Security Directive Issued

An emergency directive on the 18th September 2020 by the US Cybersecurity and Infrastructure Security Agency (CISA) instructs government agencies to deploy a critical Windows server update within 4 days.

The update released by Microsoft fixes a critical vulnerability in Windows Server operating systems that could allow an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services. In much simpler terms, this update fixes an issue that could allow a hacker to take control of every computer and server within a network.

Applying the update released by Microsoft on August 11 is currently the only mitigation to this vulnerability (aside from removing affected domain controllers from the network).

It is unusual for the CISA to issue Emergency directives, and with such short implementation time frames, which highlights how severe this exploit is and the urgent need to fix it as soon as possible.

If you need help ensuring devices on your network are patched and up to date then get in touch with Southern Logic today! We offer a wide range of security services including keeping your devices up to date to ensure your business and data are protected.