CERT‑In urges organizations to patch or mitigate actively exploited vulnerabilities within a 12‑hour window, reflecting the accelerating AI‑driven threat landscape.
This half‑day deadline applies exclusively to vulnerabilities that impact internet‑facing or critical “crown‑jewel” assets and have been confirmed as exploited.
In such scenarios, CERT‑In advises defenders to patch, mitigate, or isolate the exposure within 12 hours when practicable.
For other issues—such as high‑severity (CVSS 9.0+) internal vulnerabilities or known exploited bugs within internal systems—organizations retain a more relaxed 24‑hour remediation period.
These recommendations are part of a newly released CERT‑In guide aimed at strengthening defenders’ resilience against AI‑assisted cyber threats.
“AI‑assisted cyber exploitation shrinks the time adversaries need to discover, weaponize, and exploit vulnerabilities, exposed services, weak identities, insecure APIs, and misconfigured systems,” the report states.
As reliance on interconnected digital infrastructure, cloud ecosystems, software supply chains, operational technologies, and AI‑enabled platforms expands, the potential impact of AI‑driven threats grows across all sectors.
The report follows a series of 2026 news stories highlighting AI’s rising significance in cybersecurity for both attackers and defenders.
Agentic AI has matured rapidly over the past year, with consumer‑grade tools such as OpenClaw enabling non‑technical users to experiment with autonomous systems, thereby increasing awareness of its capabilities.
While agents possess extensive permissions to effect significant system changes, recent warnings from global intelligence agencies note that their behavior can be unpredictable and they may inadvertently cause mischief.
Security professionals are beginning to explore AI agents in their workflows, yet for attackers, the technology offers opportunities to accelerate every stage of their operations—from reconnaissance and exploitation to privilege escalation and data exfiltration.
CERT‑In identifies agentic AI as a central concern in its recommendations, recognizing that the fragmented supply chains on which organizations depend can cause vulnerabilities to cascade across interconnected systems.
Beyond agentic AI, the emergence of frontier models—such as Anthropic’s Mythos and OpenAI’s GPT‑5.5, two certified cyber workhorses—poses additional risk, enabling attackers to discover and exploit critical vulnerabilities at unprecedented speed.
A 12-hour window: Is it feasible?
Any cybersecurity practitioner will attest to the onerous nature of the patching process, and how it’s not as easy as clicking “Update,” which is why a 12-hour patch window might seem initially unrealistic to some.
Urgent warnings and demands for immediate patching are routinely delivered alongside critical vulnerability disclosures, but these fail to account for the downtime required to apply patches, or the testing required to prove that by applying them, everything else won’t break.
Microsoft has had its fair share of these cases, for example, and many readers will have borne the brunt.
The cybersecurity pros who spoke to The Register, weighing in on the CERT-In recommendations, agreed that 12 hours is far too short a window to properly test and deploy a patch, although they said the organization was on to something with its approach.
Dray Agha, senior manager of security operations at Huntress, said that CERT-In’s recommendation to “patch, mitigate, or remove exposure within 12 hours where feasible” was solid advice, largely because of the caveat that it doesn’t necessitate a full patch within that time.
“By explicitly encouraging temporary mitigations, such as isolation, access restriction, or disablement until a patch is ready, this turns the patching deadline into a highly feasible and necessary containment strategy,” Agha told The Register.
Agha added that AI-assisted cyberattacks are seen every day in the wild, compressing the time taken to exploit vulnerabilities, meaning defenders must adapt to this new reality.
In the pre-AI days, a 12-hour window to mitigate or patch a known exploited vulnerability was seen as excessively tight, but increased availability of advanced tooling and automation is reshaping the demands of vulnerability management.
“Defenders must fundamentally reshape their operations to focus on quicker mitigations – prior to AI, at Huntress, we have seen vulnerabilities exploited within a handful of hours, let alone a full 12 hours,” said Agha.
He said the 12-hour guideline is less about an arbitrary clock, more about “forcing a necessary readjustment in how organizations drive their security approaches to be beyond compliance and move to a continuous defensive posture.
“And this will involve the enterprise functions of the business being a part of the security posture – not just IT, thank you very much – as the consequences of AI-driven exploitation mean faster, higher impact cascading negatives on a targeted business; much better to proactively defend than reactively recover.”


