{"id":5926,"date":"2020-01-14T15:27:13","date_gmt":"2020-01-14T15:27:13","guid":{"rendered":"https:\/\/www.n-able.com\/?p=5926"},"modified":"2021-06-02T17:10:08","modified_gmt":"2021-06-02T16:10:08","slug":"department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities","title":{"rendered":"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities"},"content":{"rendered":"
\n

Today Microsoft released several patches to address critical vulnerabilities. Several were of enough concern to prompt the Department of Homeland Security to issue an\u00a0Emergency Directive<\/a>\u00a0ordering all Federal agencies to patch these vulnerabilities within the next ten days.<\/p>\n

The vulnerabilities are found in the Windows CryptoAPI, as well as Remote Desktop Protocol (RDP) on both RDP Gateway Servers and RDP Clients.<\/p>\n

Here are the descriptions with links to the Microsoft Security Center so you can review the KB articles associated with them.<\/p>\n

CVE-2020-0601<\/a>\u00a0is a CryptoAPI spoofing vulnerability and affects Windows 10, Server 2016, and Server 2019, and could potentially allow an attacker to bypass antivirus and perform malicious actions on an affected endpoint. It is listed as Important and Exploitation More Likely by Microsoft.<\/p>\n

CVE-2020-0609<\/a>\u00a0and\u00a0CVE-2020-0610<\/a>\u00a0affect Remote Desktop Gateway on Windows Server 2012, 2012R2, 2016, and 2019 and could allow an attacker to execute code without any user interaction and with no authentication. These are listed as Critical and Exploitation More Likely by Microsoft.<\/p>\n

CVE-2020-0611<\/a>\u00a0affects Remote Desktop Clients on all supported versions of Windows and Windows Server (including Windows 7) and could be exploited if a user is tricked into connecting to a Remote Desktop Server under the attacker\u2019s control. This vulnerability is listed as Critical and Exploitation Less Likely.<\/p>\n

While there are no active attacks at this time, these types of vulnerabilities attract bad actors who will attempt to use them for breach attempts.<\/p>\n

It is recommended to approve and deploy this month\u2019s security updates for all affected operating systems as soon as possible in your environment(s), with special attention given for any Internet facing systems first.<\/p>\n

We will update this blog if an attack is detected in the wild. We want to make sure you stay informed and protected, so stay tuned to this blog as situations like this arise in the future.<\/p>\n<\/div>\n

\n
\n
\n
\n
\n

Gill is Head Security Nerd at SolarWinds MSP, as well as Technical Marketing Manager, Principal. Having worked directly with MSPs for most of his career, Gill Langston has a unique and in-depth skillset within the managed services and security space. Focused on taking MSPs to the next level when it comes to their security services.\u00a0<\/em><\/p>\n

You can follow Gill on Twitter at\u00a0@Cybersec_Nerd<\/a>.<\/em><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

Today Microsoft released several patches to address critical vulnerabilities, Gill Langston looks at why this was enough to prompt Department of Homeland Security to issue an Emergency Directive.<\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-5926","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-security"],"acf":[],"yoast_head":"\nDepartment of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities - N-able<\/title>\n<meta name=\"description\" content=\"Today Microsoft released several patches to address critical vulnerabilities, Gill Langston looks at why this was enough to prompt Department of Homeland Security to issue an Emergency Directive.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities - N-able\" \/>\n<meta property=\"og:description\" content=\"Today Microsoft released several patches to address critical vulnerabilities, Gill Langston looks at why this was enough to prompt Department of Homeland Security to issue an Emergency Directive.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-01-14T15:27:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-06-02T16:10:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Gill Langston\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"Gill Langston\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities\"},\"author\":{\"name\":\"Gill Langston\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\"},\"headline\":\"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities\",\"datePublished\":\"2020-01-14T15:27:13+00:00\",\"dateModified\":\"2021-06-02T16:10:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities\"},\"wordCount\":385,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"articleSection\":[\"Head Nerds\",\"Security\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities\",\"url\":\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities\",\"name\":\"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/fr#website\"},\"datePublished\":\"2020-01-14T15:27:13+00:00\",\"dateModified\":\"2021-06-02T16:10:08+00:00\",\"description\":\"Today Microsoft released several patches to address critical vulnerabilities, Gill Langston looks at why this was enough to prompt Department of Homeland Security to issue an Emergency Directive.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/fr\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/fr#website\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/fr#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/fr?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/fr#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/fr\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\",\"name\":\"Gill Langston\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"caption\":\"Gill Langston\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities - N-able","description":"Today Microsoft released several patches to address critical vulnerabilities, Gill Langston looks at why this was enough to prompt Department of Homeland Security to issue an Emergency Directive.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities","og_locale":"fr_FR","og_type":"article","og_title":"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities - N-able","og_description":"Today Microsoft released several patches to address critical vulnerabilities, Gill Langston looks at why this was enough to prompt Department of Homeland Security to issue an Emergency Directive.","og_url":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-01-14T15:27:13+00:00","article_modified_time":"2021-06-02T16:10:08+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Gill Langston","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"\u00c9crit par":"Gill Langston","Dur\u00e9e de lecture estim\u00e9e":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities"},"author":{"name":"Gill Langston","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a"},"headline":"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities","datePublished":"2020-01-14T15:27:13+00:00","dateModified":"2021-06-02T16:10:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities"},"wordCount":385,"publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"articleSection":["Head Nerds","Security"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities","url":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities","name":"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/fr#website"},"datePublished":"2020-01-14T15:27:13+00:00","dateModified":"2021-06-02T16:10:08+00:00","description":"Today Microsoft released several patches to address critical vulnerabilities, Gill Langston looks at why this was enough to prompt Department of Homeland Security to issue an Emergency Directive.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/fr\/blog\/department-homeland-security-issues-emergency-directive-microsoft-critical-vulnerabilities#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/fr\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"Department of Homeland Security Issues Emergency Directive for Microsoft Critical Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/fr#website","url":"https:\/\/www.n-able.com\/fr","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/fr#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/fr?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/fr#organization","name":"N-able","url":"https:\/\/www.n-able.com\/fr","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/fr#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/fr#\/schema\/person\/ccb02e43837727da6ab962f5357e872a","name":"Gill Langston","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","caption":"Gill Langston"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/5926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/comments?post=5926"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/posts\/5926\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/fr\/wp-json\/wp\/v2\/media?parent=5926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}