35.9 F
Washington D.C.
Wednesday, February 1, 2023

CISA Issues Emergency Directive Requiring Federal Agencies to Mitigate Windows Print Spooler Service Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 21-04 today to mitigate a Microsoft Windows print spooler service vulnerability CVE-2021-34527 being actively exploited. Federal civilian agencies are required to immediately disable the print spooler service on Microsoft Active Directory Domain Controllers, apply the Microsoft July 2021 cumulative updates, and make additional configuration changes to all Microsoft Windows servers and workstations within one week.

Exploitation of the vulnerability allows an attacker to remotely execute code with system level privileges, enabling a threat actor to quickly compromise the entire identity infrastructure of a targeted organization.

The emergency directive is in response to validated active exploitations. CISA is concerned that exploitation of this vulnerability may lead to full system compromise of affected agency networks if left unmitigated.

“Since this exploitation was identified, CISA has been engaged with Microsoft and federal civilian agencies to assess potential risk to federal agencies and critical infrastructure,” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “CISA’s mission is to protect the nation against cybersecurity threats, and this directive reflects our determination to require emergency action for exploitations that pose an unacceptable risk to the federal civilian enterprise. We will continue to actively monitor exploitation of this vulnerability and provide additional guidance, as appropriate.”

Although only directed to federal agencies, CISA encourages public and private sector organizations to review our directive and consider similar steps to mitigate this vulnerability and avoid being exploited by malicious cyber actors.

Read the full Emergency Directive (ED) 21-04.

Read more at CISA

Homeland Security Todayhttp://www.hstoday.us
The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Related Articles

- Advertisement -

Latest Articles