CISA puts pressure on government agencies to get them to fix a Windows vulnerability that is being actively exploited.
On Friday, the U.S. The Cybersecurity and Infrastructure Security Agency (CISA) announced that it has added the vulnerability –CVE-2022-21882 – with a critical CVSS rating of 7.0 to its catalog of Known Exploited Vulnerabilities.
Microsoft has addressed the issue as part of its January 2022 Tuesday updates: a sprawling set of patches that addressed 97 security threats, nine of which were critical CVEs, along with a self-propagator with a 9.8 CVSS ratingThe move means the Federal Civilian Executive Branch (FCEB) agencies have until February 18, 2022 to fix thevulnerability, which affects all unpatched versions of Windows 10.
Read More: https://threatpost.com/cisa-orders-federal-agencies-to-fix-actively-exploited-windows-bug/178270/