Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to have network access.
The Cisco Applied Intelligence team has created the following companion document to guide administrators in identifying and mitigating attempts to exploit this vulnerability prior to applying updated software: Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Intrusion Prevention System Software
Prevent disruption of communication between devices by reducing the impact of attacks which may directly impact the CPU performance of the individual devices. For control plane hardening best practices, see Cisco Guide to Harden Cisco IOS Devices
Understanding activity on the network provides information and visibility that can be used to identify potential security incidents. Organizations should log events from devices and review the logged data to provide insight into anomalies or malicious activity. For logging best practices, see Cisco Guide to Harden Cisco IOS Devices
It is critical to prevent unauthorized direct communication to network devices. Restrict network traffic destined for the network infrastructure to protect against reconnaissance and denial-of-service (DoS) attacks. For configuration details, see Protecting Your Core: Infrastructure Protection Access Control Lists
Network traffic should be monitored security-related network activity. NetFlow identifies security-related network activity. For NetFlow configuration details, see Introduction to Cisco IOS NetFlow - A Technical Overview
Administrators are advised to monitor affected systems.