The Department of Homeland Security (DHS) made an emergency mandate last month around Windows DNS vulnerabilities.  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently identified a vulnerability in the Windows Domain Name System CVE-2020-1350. When the servers fail to properly handle requests, hackers can exploit this vulnerability by running arbitrary code in order to execute commands. A patch created by Microsoft is able to reverse-engineer this vulnerability through a software update or registry modification, which is more often applied as a temporary solution until an update can be applied.

Though the vulnerability has not been exploited by hackers, it still poses a significant threat to the security of software and information across the Federal enterprise, particularly because it is “wormable” and can spread between vulnerable computers without user interaction. With this in mind, the repercussions posed by even a small breach could be devastating.

The Emergency Directive issued by the CISA, which outlines specific orders and deadlines to be applied across the DHS and Federal Civilian Branch, is a critical step in creating a widespread standard of eliminating this vulnerability. ED-20-03 orders required actions for updating system endpoints and reporting back to the agency between July 20th and July 24th. It also outlines a plan through August and September for monitoring the patched vulnerabilities and engaging with agencies which have not met completed the required actions. If software can’t be patched before the deadline, CISA recommends taking it offline.

Although the directive only applies to some Executive branch departments and agencies, its guidelines can and should be closely followed by other organizations using DNS servers, such as state and local governments and the private sector. The directive’s timeline is short, but the process of ensuring the servers’ security is a long-term commitment. Because vulnerabilities unfortunately do not always come to light before they are exploited in cyber-attacks, it is crucial to have directives like this in place to guide agency-wide counteraction for the unpredictable.

For our Federal customers, the Symposit team responded to the DHS mandate in July and was able to address our client’s vulnerabilities and make necessary systemic changes. It is not an easy repair process, but our experiences is one we are eager to share in support of our clients and those organizations looking for advice on how to proceed. Talk with a Symposit advisor today and take the steps to address this vulnerability, and how your business can be better prepared for this and other cyber risks.

Symposit LLC:

We help our clients save money, time and frustration by implementing and managing technology solutions that increase productivity, decrease risk and drive growth. For over 10 years we have supported U.S. Federal Government, State and Local Governments, Defense Contractors, Healthcare providers and numerous private clients. Advisory Managed Services and Infrastructure Operations offerings remain our core competencies. Our clients need an agile, responsive workforce with low overhead, delivering 30% or more in reduced IT costs.

Symposit: better ways of serving business through technology.

Contact us at https://symposit.com/ or info@symposit.com

Blog, Uncategorized