The Cybersecurity and Infrastructure Security Agency (CISA) has officially closed ten Emergency Directives after determining that required remediation actions have been completed or are now enforced through broader federal vulnerability management policies.
The directives, which span incidents and vulnerabilities disclosed between 2019 and 2024, were originally issued to reduce urgent cyber risks facing Federal Civilian Executive Branch (FCEB) agencies. According to CISA, these actions helped agencies address critical weaknesses, apply security best practices, and strengthen the resilience of federal systems.
The directives now marked as closed include efforts related to:
- DNS infrastructure tampering
- Multiple Windows vulnerabilities identified through Patch Tuesday updates in 2020
- Netlogon privilege escalation flaws
- The SolarWinds Orion supply-chain compromise
- Microsoft Exchange on-premises vulnerabilities
- Pulse Connect Secure security flaws
- Windows Print Spooler exploitation
- VMware product vulnerabilities
- Nation-state compromise of Microsoft corporate email systems
CISA explained that while these Emergency Directives are no longer active, their security requirements have not been abandoned. Instead, many of the mandated protections are now continuously enforced under Binding Operational Directive 22-01, which focuses on reducing the risk from known exploited vulnerabilities across federal networks.
The agency emphasized that Emergency Directives are designed to ensure fast response to high-impact threats and are closed only when risks are adequately mitigated or incorporated into long-term security controls.
“As the operational lead for federal cybersecurity, CISA uses its authorities to strengthen federal systems and reduce unacceptable risks, particularly those tied to hostile nation-state activity,” said Madhu Gottumukkala, Acting Director of CISA. He noted that the closure of these directives reflects sustained collaboration across federal agencies to eliminate persistent access and respond to evolving threats.
CISA added that its focus going forward remains on advancing Secure by Design principles, including greater transparency, system configuration, and interoperability. The agency stated that these priorities are intended not only to protect federal environments, but also to help organizations across sectors improve their ability to defend complex and diverse digital systems.