• Office of the Comptroller

CISA releases emergency directive on critical Microsoft vulnerability

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released an emergency directive addressing a critical vulnerability affecting all versions of Windows Server with the Domain Name System (DNS) role enabled. A remote attacker could exploit this vulnerability to take control of an affected system. This vulnerability is considered “wormable” because malware exploiting it on a system could, without user interaction, propagate to other vulnerable systems. CISA strongly recommends state and local governments, the private sector, and others patch this critical vulnerability as soon as possible. For more information, visit https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/cisa-releases-emergency-directive-critical-microsoft-vulnerability. Visit the Cyber Center for additional resources and links for cyber alerts, and contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks.


OFFICE OF THE COMPTROLLER OF THE COMMONWEALTH

William McNamara, Comptroller of the Commonwealth

One Ashburton Place, 9th Floor, Boston MA 02108

comptroller.info@mass.gov

For your protection, please do not email personal information (e.g. Social Security Number, Bank Account Number, Passwords).

For assistance, please call us at

(617) 727-5000

  • Twitter
  • Facebook
  • LinkedIn
  • Instagram