CISA Releases Emergency Directive and Activity Alert on Critical Microsoft Vulnerabilities
01/14/2020 02:08 PM EST
Original release date: January 14, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) has released an Emergency Directive and Activity Alert addressing critical vulnerabilities affecting Windows CryptoAPI and Windows Remote Desktop Protocol (RDP) server and client. A remote attacker could exploit these vulnerabilities to decrypt, modify, or inject data on user connections.
Although Emergency Directive 20-02 applies only to certain Executive Branch departments and agencies, CISA strongly recommends state and local governments, the private sector, and others also patch these critical vulnerabilities as soon as possible. Review the following resources for more information:
This product is provided subject to this Notification and this Privacy & Use policy.