Collaborate Disseminate
CyberScoop first reported on the existence of the directive, which calls the pilfered emails “a grave and unacceptable risk to agencies.”
The post CISA emergency directive tells agencies to fix credentials after Microsoft breach appeared first on CyberScoop.
Continue reading CISA emergency directive tells agencies to fix credentials after Microsoft breach
The Cybersecurity and Infrastructure Security Agency late Tuesday ordered federal agencies to disable the Microsoft Windows Print Spooler service because of an alarming flaw that could allow attackers to take over systems remotely. CISA, part of the Department of Homeland Security, gave agencies until midnight Wednesday to disable the service in response to the so-called “PrintNightmare” bug. Its “emergency directive” also ordered agencies to implement Microsoft security updates by July 20. The PrintNightmare issue has given Microsoft fits for weeks. It issued a patch last week that some security pros said didn’t work properly. On Tuesday, Microsoft issued another Print Spooler fix as part of its “Patch Tuesday” update, the latest of which also included answers for 13 “critical vulnerabilities” and four under active attack. “CISA has determined that this vulnerability poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action,” CISA said in its PrintSpooler […]
The post CISA orders agencies to disable Microsoft Print Spooler in response to ‘PrintNightmare’ flaw appeared first on CyberScoop.
An emergency directive orders some federal agencies to apply Microsoft’s patch for a critical DNS vulnerability by Friday, July 17 at 2 p.m. (ET). Continue reading CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug