The Cybersecurity and Infrastructure Security Agency (CISA) emergency directive 20-03 was signed off by the agency’s director Christopher C. Krebs on July 16, giving federal agencies until 2 p.m. EDT on July 17 to update their Windows. The directive comes after cybersecurity researchers detected a dangerous vulnerability named SIGRed. The deadline for agencies that use Windows Server is set to 2 p.m. EDT, July 24.
SIGRed Vulnerability: Easy to Use and Highly Exploitable
CVE-2020-1350 or SIGRed is a “perfect” 10 under the Common Vulnerability Scoring System (CVSS) due to the vulnerabilities ease of use, it’s high infection potential, and the likelihood of it being exploited by bad actors. These factors prompted CISA to issue an emergency directive giving federal agencies 24 hours to update their Windows Server.
Check Point researchers initially discovered SIGRed, with Microsoft confirming that it is a vulnerability affecting all versions of Windows Server. The vulnerability itself affects the Windows Domain Name System (DNS) service implementation, which could give attackers full administrator rights on a network.
While CISA’s directive only really applies to US Executive Branch departments and agencies, the agency is recommending that state and local governments update as soon as possible as well, with the same advice being given to the private sector and individuals running Windows Server.