Homeland Security’s National Security Advisory Department has issued a rare alert to government departments following the recent disclosure of a “critical” assessment of security vulnerabilities in Microsoft’s server versions. Windows.
The Agency for Cyber Security and Infrastructure Security, better known as CISA, issued a signal late Friday urging all federal departments and agencies to “immediately” patch all Windows servers vulnerable to the so-called Zerologon attack by Monday, citing “unacceptable risk” government networks.
This is the third alarm issued by CISA this year.
The Zerologon vulnerability, rated at a maximum severity of 1
With full network access, an attacker can infiltrate malware, ransomware, or steal sensitive internal files.
Security company Secura, which discovered the error, said it took “about three seconds in practice” to exploit the vulnerability.
Microsoft pushed back the initial fix in August to prevent exploitation. But given the complexity of the bug, Microsoft said it would have to release a second patch early next year to fix the problem completely.
But the race is for patching up systems after researchers reportedly released an evidence code that potentially allows attackers to use the code to launch attacks. CISA said on Friday “it suggests that the active exploitation of this vulnerability is happening in the wild.”
Although the CISA warning only applies to federal government networks, the agency said it “urges” companies and consumers to fix their systems as soon as possible, if not already.