CISA demands ’emergency action’ from agencies on Windows vulnerability patch
CISA’s emergency directive gives agencies mere days to assess the scope of the vulnerability to its systems, and 10 days to patch or remedy all its affected endpoints.
Rene Kolga, VP of Product Strategy, Nyotron:
“It’s ironic that on the day that spells the end of extended support for Windows 7, we also get the stark warning about a major vulnerability in Microsoft’s only officially supported desktop operating system. How many other vulnerabilities are lurking in Windows 10 that may already be leveraged by malicious actors? RAND’s study from a few years ago estimates that zero-day exploits and their underlying vulnerabilities have an almost 7-year life expectancy. Besides staying up-to-date with patches this highlights the importance of applying true defense in depth that includes both “chasing the bad” and “ensuring the good” security tools.”