On Friday, Assistant Director for the Cybersecurity and Infrastructure Security Agency (CISA) Bryan Ware announced that the agency was issuing Emergency Directive 20-04, which instructs Federal Civilian Executive Branch agencies to apply a security update for Microsoft’s Windows Servers to all domain controllers.
“The update fixes recently discovered flaw in Windows Netlogon Remote Protocol that could allow an unauthenticated attacker with network access to a domain controller to completely compromise all Active Directory identity services,” Ware wrote in a release. Agencies have been directed to implement the patch to their infrastructures by Sept. 21, 2020.
Without a patch, the vulnerability could allow cyber attackers to compromise network identity services. Despite agencies being responsible for managing their own network risk, CISA is responsible for securing the Federal enterprise.
“CISA will provide assistance and resources to guide agencies with completing required actions,” Ware wrote. “The investments in the Continuous Diagnostics and Mitigation Program will pay dividends as it will help Federal agencies with mature implementation to identify where unpatched servers reside and track patching progress.”
Additionally, CISA recommends that state and local government, the private sector, and the public also apply the security update as soon as possible, despite the directive applying to Executive Branch agencies.