25 CVEs That NSA Want You to Patch Right Now

Tuesday, October 20th, wasn’t your usual Patch Tuesday announcement from Microsoft.

Instead, this announcement came from the NSA urging users to patch 25 vulnerabilities Chinese hackers were exploiting, quickly.

The list of vulnerabilities, many of them already known programming issues, was made public to draw urgency and help IT teams prioritize these patches. Of the 25, seven affect remote access gateways, seven involve internal servers, one affects mobile devices management, two are privilege escalations, two affect Active Directory, three involve network equipment, and three affect public-facing servers, per this infographic from the NSA.

We realize you may not be able to patch all vulnerable assets instantly. We recommend that you prioritize systems for patching based on risk:…