Sign in / up

back to article US cybersecurity agency issues super-rare emergency directive to patch Windows Server flaw ASAP

Uncle Sam's Cybersecurity and Infrastructure Security Agency (CISA) has taken the unusual step of issuing an emergency directive that gives US government agencies a four-day deadline to roll out a Windows Server patch. The directive, issued on September 18, demanded that executive agencies to take “immediate and emergency …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. amanfromMars 1 Silver badge

    The Emperor has Lost All of his Clothes ....

    If one equates and is able to realise Windows Server is a euphemism for USAdministration, the critical severity of the vulnerability to relentlessly exploit and ruthlessly explore is understandable.

    Quite whether, whenever such is the case, there is any possible patch available to prevent further unauthorised irregular development by forces and/or sources ideally unknown, is highly questionable. ...... however, as hope springs eternal, it surely guarantees much futile future activity in a field in which there are no victories to celebrate nor battles to win.

    11 10 Reply
  2. Duncan Macdonald
    FAIL

    How many ?

    Despite the directive how many US government servers will still be unpatched at the end of the year ?

    Icon for the US government ================>

    14 1 Reply
    1. sanmigueelbeer
      Reply Icon
      Coat

      Re: How many ?

      how many US government servers will still be unpatched at the end of the year

      US Government agencies? Shirley not. They know what they are doing and do not need to be told what to do.

      El Reg, can I request for an "I told you so" icon, please?

      5 0 Reply
  3. Anonymous Coward
    Anonymous Coward

    Do not patch ..

    Command issued by the Trump White House - applies specifically to voting systems..

    10 3 Reply
    1. DS999 Silver badge
      Reply Icon

      Re: Do not patch ..

      If is anyone is using an internet connected Windows Server that's part of a domain as a voting machine, we're in more trouble than I thought.

      3 0 Reply
  4. Anonymous Coward
    Anonymous Coward

    Maybe

    we can call this the Westworld exploit, after the movie. Slip in replacement admins, all around the world.

    3 0 Reply
  5. John Smith 19 Gold badge
    Unhappy

    CASE NIGHTMARE GREEN of Windows security?

    Probably not. *

    *With Windows there is always something worse to find, although in this case it's going to be a pretty hard search.

    4 4 Reply
    1. amanfromMars 1 Silver badge
      Reply Icon

      CASE NIGHTMARE GREEN of Windows security? An Advanced Persistent Threat/Treat Vector with Sectors.

      The new norm, John Smith 19, for Windows with SMARTR AI Views is Fiendish in the Enemy of Friends UnFriendly to Enemies. "Tis a wholly New Novel AI and NEUKlearer HyperRadioProACTive IT World out there today, with all manner of tried and trusted knights and windmills to joust and tilt at/temper and engage.

      Rise like Lions after slumber

      In unvanquishable number.

      Shake your chains to earth like dew

      Which in sleep had fallen on you—

      Ye are many—they are few.

      ..... which is a verse from Shelley’s, The Masque of Anarchy, be extremely APT here, revealing as it does the nature and being of the opposition and resistance to be fully expected in the presence of any future discontent. The beauty and the sorrow of it is, so many will find it too impossible to easily believe ...... although the upside to that downside is, the invisible stealth delivered and enjoyed in intangible operations is almighty astounding and simply outstanding ....... leaving one to ponder and wonder on the practically invincible and singularly indivisible.

      5 4 Reply
  6. Claverhouse Silver badge
    Meh

    I Dunno

    If that government didn't act so fast to mandate patching, they'd be excoriated for indolence and enabling ransomware --- probably by The Reg --- yet when they do, they and the agencies are sneered at. Quite easy for admins to cautiously hold off on a Windows Update, lest worse befall.

    1 6 Reply
    1. IGotOut Silver badge
      Reply Icon

      Re: I Dunno

      Please point to the part of the article where the Reg "sneered" at them?

      The snark appears to be aimed at the agencies having to be told to patch.

      6 0 Reply
  7. fidodogbreath

    My wife works for the US Federal Government. Their IT is chronically underfunded, at least in terms of delivering basic-function items such as hardware and software updates. As a result, they're typically understaffed and pretty far behind the update curve. Witness the OPM hack (among many others).

    4 0 Reply
  8. JBowler

    Please, I know you aspire to be a newspaper but, please, stop scaring us.

    >That the agency feels the need to issue one for this flaw is notable given that simply applying Microsoft's August patches would have fixed the problem.

    Indeed, I did.

    3 0 Reply
  9. VE3ID

    Hmmm, so the August patches would have fixed the problem, which the security people are just noticing and issuing emergency advice? Sounds very much like the hurry up and wait brigade are no longer just in the military!

    2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like