CISA orders feds to patch actively exploited Windows Server WSUS flaw

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive ordering all federal agencies to immediately patch a critical vulnerability in Windows Server Update Services (WSUS). The vulnerability, tracked as CVE-2024-58410, is currently being actively exploited by cybercriminals in the wild, putting government systems at significant risk.

The flaw allows unauthorized attackers to gain elevated privileges on affected Windows Server instances running WSUS, potentially leading to complete system compromise. The vulnerability affects WSUS servers that have not applied the latest security updates from Microsoft.

CISA has given federal agencies 72 hours to apply the necessary patches and verify their systems are protected. Failure to comply with the directive may result in agencies being disconnected from federal networks until the vulnerability is remediated.

Security experts warn that this vulnerability is particularly dangerous because WSUS servers typically have broad access across network infrastructure, making them attractive targets for sophisticated attackers. The exploit chain could allow bad actors to distribute malicious updates to all connected systems, potentially compromising entire government networks.