CISA Issues Emergency Directive Concerning Microsoft Windows Security Flaw
The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to shut down the Microsoft Windows Print Spooler service due to a flaw that attackers could use to take over systems remotely.
Under the emergency directive, the Department of Homeland Security’s top cybersecurity organization also directed all government agencies to implement Microsoft security updates by July 20.
CISA said the vulnerability, dubbed “PrintNightmare,” poses an “unacceptable risk” to Federal Civilian Executive Branch agencies, noting that the issue requires emergency action, CyberScoop reported.
“This determination is based on the current exploitation of this vulnerability by threat actors in the wild, the likelihood of further exploitation of the vulnerability, the prevalence of affected software in the federal enterprise, and the high potential for a compromise of agency information systems,” CISA said in its directive.
The agency also warned that if adversaries exploit the vulnerability, networks used by U.S. government agencies could be compromised.
Speaking to BBC, computer security firm Darktrace’s Max Heinemeyer called the PrintNightmare bug a “cyber bazooka” that malicious actors could use with relative ease and to great effect.
Microsoft had already released an update to resolve the bug earlier this month, but researchers found a way to bypass the fix within hours.
On July 13, Microsoft again issued a Print Spooler fix as part of its “Patch Tuesday” update.
The latest update addressed at least 116 vulnerabilities in Windows operating systems and related software. Microsoft described four of the security issues as being actively attacked.
Tags: CISA CyberScoop cybersecurity Darktrace Department of Homeland Security emergency directive federal agencies FedScoop Max Heinemeyer Microsoft Microsoft Print Spooler PrintNightmare flaw