CISA releases emergency directive on critical Microsoft vulnerability
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has released an emergency directive addressing a critical vulnerability affecting all versions of Windows Server with the Domain Name System (DNS) role enabled. A remote attacker could exploit this vulnerability to take control of an affected system. This vulnerability is considered “wormable” because malware exploiting it on a system could, without user interaction, propagate to other vulnerable systems. CISA strongly recommends state and local governments, the private sector, and others patch this critical vulnerability as soon as possible. For more information, visit https://us-cert.cisa.gov/ncas/current-activity/2020/07/16/cisa-releases-emergency-directive-critical-microsoft-vulnerability. Visit the Cyber Center for additional resources and links for cyber alerts, and contact CTREmergencyNotification@mass.gov with any incidents or suspected incidents of fraud or cyber attacks.