By Clare O’Gara
Tue | Jul 21, 2020 | 12:33 PM PDT

The message from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is clear on this Microsoft Windows vulnerability: "You should patch now. Don't wait on this one."

Technically, this emergency directive only applies to federal agencies.

But those of you in state and local governments, the private sector, and others may still want to listen up.

A recent CISA announcement exposed a massive vulnerability in Microsoft's Domain Name System servers.

The directive requires federal agencies to apply the July 2020 Security Update, or the temporary registry-based workaround if patching isn't possible right away.

That's a component of CISA's two-step directions for addressing this vulnerability:

  1. Update all endpoints running Windows Systems.
  2. Report information to CISA.

Emergency directives are pretty rare for CISA. This is only the third time that Christopher Krebs, CISA Director, has decided to use one.

What makes this vulnerability so dangerous? In short, it's wormable.

A blog post from Microsoft explains what that means:

"Wormable vulnerabilities have the potential to spread via malware between vulnerable computers without user interaction. Windows DNS Server is a core networking component. While this vulnerability is not currently known to be used in active attacks, it is essential that customers apply Windows updates to address this vulnerability as soon as possible."

While no malware is currently known to exploit this vulnerability, CISA warns that any number of attacks could emerge in time.

Ergo, the urgency to act now and shut this vulnerability down.

For more information on this directive, check out this CISA report.