The Department of Homeland Security’s (DHS) cybersecurity agency ordered all federal agencies to patch critical Microsoft vulnerabilities made public by the National Security Agency (NSA) on Tuesday.
The vulnerabilities, which Microsoft announced it had released a security update for on Tuesday, included those that could expose a system to a significant breach or to surveillance, such as a Microsoft code flaw that could enable a hacker to forge a digital signature and hack a system.
DHS’s Cybersecurity and Infrastructure Security Agency (CISA) subsequently released an emergency directive on Tuesday afternoon requiring all agencies to implement Microsoft’s patch by Jan. 29, with CISA “strongly recommending” that all agencies begin patching “immediately.”
Critical Vulnerabilities in Microsoft Windows Operating Systems