New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks

Original release date: November 16, 2021

The White House, via Executive Order (EO) 14028: Improving the Nation’s Cybersecurity, tasked CISA, as the operational lead for federal cybersecurity, to “develop a standard set of operational procedures (i.e., playbook) to be used in planning and conducting cybersecurity vulnerability and incident response activity” for federal civilian agency information systems. In response, today, CISA published the Federal Government Cybersecurity Incident and Vulnerability Response Playbooks. The playbooks provide federal civilian executive branch (FCEB) agencies with operational procedures for planning and conducting cybersecurity incident and vulnerability response activities. The playbooks provide illustrated decision trees and detail each step for both incident and vulnerability response.  
 
FCEB agencies should use the playbooks to shape their overall defensive cyber operations. The playbooks apply to information systems used or operated by an FCEB agency, a contractor of the agency, or another organization on behalf of the agency. CISA encourages agencies to review the playbooks and CISA’s webpage on EO 14028 for more information.  
 
Although CISA created the playbooks for FCEB agencies, we encourage critical infrastructure entities; state, local, territorial, and tribal government organizations; and private sector organizations to review them to benchmark their own vulnerability and incident response practices.

This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Update for Tanzu Application Service for VMs

Original release date: November 12, 2021

VMware has released a security update to address a vulnerability in Tanzu Application Service for VMs. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0026 and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

Palo Alto Networks Release Security Updates for PAN-OS

Original release date: November 12, 2021

Palo Alto Networks has released security updates to address a vulnerability affecting PAN-OS firewall configurations with GlobalProtect portal and gateway interfaces. These updates address a vulnerability that only affects old versions of PAN-OS (8.1.16 and earlier). An unauthenticated attacker with network access could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review Palo Alto Security Advisory for CVE-2021-3064 and apply the necessary updates or workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Releases Advisory on Vulnerabilities in Multiple Data Distribution Service Implementations 

Original release date: November 12, 2021

CISA has released an Industrial Control Systems Advisory (ICSA) related to a public report detailing vulnerabilities found in multiple open-source and proprietary Object Management Group (OMG) Data-Distribution Service (DDS) implementations. Successful exploitation of these vulnerabilities could result in denial-of-service or buffer-overflow conditions, which may lead to remote code execution or information exposure.

CISA encourages users and administrators to review ICSA-21-315-02: Multiple Data Distribution Service (DDS) Implementations and apply the necessary updates as quickly as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

Apple Releases Security Update for iCloud for Windows 13

Original release date: November 11, 2021

Apple has released a security update to address multiple vulnerabilities in iCloud for Windows 13. An attacker could exploit these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the Apple security page and apply the necessary update.

This product is provided subject to this Notification and this Privacy & Use policy.

VMware Releases Security Advisory

Original release date: November 11, 2021

VMware has released a security advisory to address a privilege escalation vulnerability in vCenter Server and Cloud Foundation. An attacker could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review VMware Security Advisory VMSA-2021-0025 and apply the necessary workaround.  

This product is provided subject to this Notification and this Privacy & Use policy.

Samba Releases Security Updates

Original release date: November 9, 2021

The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Samba security announcements and apply the necessary updates and workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

Microsoft Releases November 2021 Security Updates

Original release date: November 9, 2021

Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review Microsoft’s November 2021 Security Update Summary and Deployment Information and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.

Citrix Releases Security Updates

Original release date: November 9, 2021

Citrix has released security updates to address vulnerabilities affecting multiple versions of Citrix Application Delivery Controller (ADC), Gateway, and SD-WAN WANOP. An attacker could exploit these vulnerabilities to cause a denial-of-service condition.

CISA encourages users and administrators to review Citrix Security Bulletin CTX330728 and apply the necessary updates as soon as possible.

This product is provided subject to this Notification and this Privacy & Use policy.

Adobe Releases Security Updates for Multiple Products

Original release date: November 9, 2021

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Adobe Security Bulletins and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.