Windows Update Gets Serious

[bsm2]

Windows Update Gets Serious: You Have The Weekend To Comply, Homeland Security Says

Windows Update Gets Serious: You Have The Weekend To Comply, Homeland Security Says

Windows security updates should always be taken seriously, of that there is no doubt. But when the U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) issues an emergency directive for a perfect 10, critical, Windows Server vulnerability, the urgency meter goes off the scale.

This is a vulnerability that could enable an attacker with network access to gain admin status by sending a string of zeros using the Windows Netlogon protocol. A vulnerability that, CISA said, must be assumed as being actively exploited in the wild.

[slimslob]

The directive is pointed primarily at US government offices but all other companies and individuals running Windows Server should also comply. I am sure that bsm2 being an IT is aware that normally Windows Server is not set to update automatically. IT have to personnel schedule server down time in order to deploy the update to all the servers they are responsible.