The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a catalog of vulnerabilities, including from Apple, Cisco, Microsoft, and Google, that have known exploits and are being actively exploited by malicious cyber actors, in addition to requiring federal agencies to prioritize applying patches for those security flaws within “aggressive” timeframes.
“These vulnerabilities pose significant risk to agencies and the federal enterprise,” the agency said in a binding operational directive (BOD) issued Wednesday. “It is essential to aggressively remediate known exploited vulnerabilities to protect federal information systems and reduce cyber incidents.”
