CERT-In issues rapid patching guidelines for internet-facing systems
Public Sector Action
Summary
Hide ▲
Show ▼
CERT-In issued new guidelines requiring organizations to patch internet-exposed critical vulnerabilities within 12 hours where feasible, tightening defensive timelines against AI-assisted cyber exploitation. The 38-page blueprint also sets faster remediation windows for known exploited vulnerabilities and other critical flaws across critical systems. The directive pushes organizations toward rapid exposure reduction, layered controls, and temporary mitigations when patches are not immediately available.
Related Happenings
CERT-In issues 12-hour patch guidance for Indian organizations
Public Sector Action
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
**CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...
CERT-In issues 12-hour patch guidance for Indian organizations
Public Sector ActionAbout this happening: **CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...
CERT-In 12-hour KEV remediation guidance
Advisory/Mitigation
First: 26.05.2026 13:30
Last: 26.05.2026 13:30
Sources 1
About this happening:
CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
CERT-In 12-hour KEV remediation guidance
Advisory/MitigationAbout this happening: CERT-In set a **12-hour** expectation for containing or remediating **known exploited vulnerabilities** on **internet-facing and crown-jewel systems**, sharply shortening response...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch Release
First: 15.04.2026 00:22
Last: 15.04.2026 00:22
Sources 1
About this happening:
**Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Microsoft April 2026 Patch Tuesday security update (165 CVEs)
Security Patch ReleaseAbout this happening: **Microsoft** shipped **April 2026 Patch Tuesday** updates covering **165 CVEs**, including an **actively exploited zero-day** and a **publicly disclosed** flaw, creating immediat...
Timeline
-
26.05.2026 12:13 2 articles · 1d ago
CERT-In orders 12-hour patching for internet-exposed critical vulnerabilities
Legal Policy Action UpdateCERT-In issued a 38-page blueprint directing organizations to patch critical security vulnerabilities in internet-exposed systems within 12 hours where feasible, and to remediate known exploited vulnerabilities and other high-risk flaws on accelerated timelines. The guidance cites AI-assisted cyber exploitation that can shorten vulnerability discovery, weaponization, and exploitation, and it recommends layered controls, continuous monitoring, Zero Trust, SBOM-based supply-chain checks, and temporary mitigations such as isolation, access restriction, WAF/API protection, enhanced monitoring, or feature disablement when patches are not immediately available.
Show sources
- CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks — thehackernews.com — 26.05.2026 12:13
- CERT-In Recommends 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks — thehackernews.com — 26.05.2026 12:13