On January 15, 2020, the FedRAMP program office directed all authorized cloud service providers to comply with Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Emergency Directive 20-02, “Mitigate Windows Vulnerabilities from January 2020 Patch Tuesday”.
cloud.gov confirms that it has zero affected endpoints in the FedRAMP authorized boundary, and hence has 100% patch compliance.
Further, cloud.gov has zero affected endpoints under our management outside the boundary, e.g. in development or test environments.
We want to assure cloud.gov agency customers that their systems, and our product, have no exposure to this particular vulnerability.
Posted Jan 17, 2020 - 13:30 EST
This incident affected: cloud.gov customer applications (Applications).