DHS CISA orders Federal agencies to patch serious Windows flaw

“A serious flaw in Microsoft Windows could leave federal government servers open to hackers and needs to be patched by midnight on Sept. 21, said a warning from the Cybersecurity and Infrastructure Security Agency.”

“The vulnerability affects core authentication capabilities, CISA warned in an Sept. 18 emergency directive. Failure to patch could permit unauthorized attackers to access and take over domain controllers’ identity services.”

“The warning cites the ‘widespread presence of the affected domain controllers across the federal enterprise’ and the ‘high potential for a compromise of agency information systems.’”

“The vulnerability, Microsoft said in an August notice on the problem, could allow an attacker to elevate their domain privileges within the network without authentications, once they get inside.”

“If an unauthorized attacker gets control of the identity capabilities at one agency, said CISA, the access could be used to compromise other federal networks…” Read the full article here.

Source: CISA orders agencies to patch dire Window flaw – By Mark Rockwell, September 21, 2020. FCW.


This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 1 year ago.

  • Author
  • #108250

    Replies viewable by members only


You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.


©2021 MileMarker10, LLC all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at Vault@G2Xchange.com and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?