The Cybersecurity and Infrastructure Security Agency issued Emergency Directive 21-04 on mitigating a vulnerability in the Microsoft Windows Print Spooler service.
Background: Microsoft said a remote code execution vulnerability exists when the service improperly performs privileged file operations, allowing attackers who exploit the vulnerability to install programs, view or change data, or create new accounts with full user rights.
Directive: CISA directed federal agencies to immediately apply Microsoft updates and disable the service on Windows servers and workstations.
More: Additional data and cyber security information and resources are available on ICBA’s Operational Risk resource center.