Cybersecurity and Infrastructure Security Agency urges affected users to update ASAP.

  • sugar_in_your_tea
    link
    fedilink
    English
    arrow-up
    3
    ·
    5 months ago

    Exactly. If you run a service, the bare minimum due diligence is to install available updates in a timely manner. Imo, it’s criminal negligence if a service gets hacked due to an unpatched system.

    Most likely, this isn’t being done because the IT dept isn’t given enough time to actually maintain systems, so whoever makes that decision should face criminal charges. And orgs like the NSA should be auditing this kind of thing and issuing fines, not spying on US citizens.