Microsoft Windows 10, Windows 11, Windows Server CISA Security Warning
As the latest Microsoft Patch Tuesday security updates are about to be released, CISA has issued an emergency Windows update order. The US Cybersecurity and Infrastructure Security Agency has confirmed that threat actors are actively exploiting an elevation of privilege vulnerability on Windows 10, Windows 11, and Windows Server installations, which could lead to a complete system compromise.
A significant risk for Windows users
In a CISA advisory published on February 4, the agency states that CVE-2022-21882 poses a “significant risk to the federal enterprise.” The vulnerability was among those patched in Microsoft’s January Patch Tuesday rollout, so systems that applied those patches are no longer at risk. However, as Bleeping Computer reported at the time, some Windows Server users hit bugs while applying the January updates. This could well have led many system administrators, including those in federal agencies, to delay the process.
CISA gives federal agencies two weeks to patch
CISA has given Federal Civilian Executive Branch (FCEB) agencies just two weeks to comply and patch their systems to mitigate the risk of this actively exploited Windows vulnerability. However, CISA “strongly urges” all organizations to prioritize this particular remediation, as it says these types of vulnerabilities are “a frequent attack vector for malicious cyber actors of all types.” Since this type of emergency directive isn’t exactly a daily occurrence, I agree that patching as soon as possible, where possible, is the prudent course of action in this case.