US Cybersecurity agency issues super-rare Emergency Directive to patch Windows Server flaw ASAP

US Cybersecurity agency issues super-rare Emergency Directive to patch Windows Server flaw ASAP

The US Cybersecurity and Infrastructure Security Agency (CISA) has taken the unusual step of issuing an emergency directive that gives US government agencies a four-day deadline to implement a Windows Server patch.


The directive, issued on September 18th, demanded that executive agencies to take “immediate and emergency action” to patch CVE-2020-1472, the CVSS-perfect-ten-rated flaw that Dutch security outfit Secura BV said allows attackers to instantly become domain admin by subverting Netlogon cryptography.


This means the bug can “be used to obtain domain admin credentials and then restore the original DC password,” the report said.


“This attack has huge impact. It ..

Support the originator by clicking the read the rest link below.