When an article like this is written, I wonder if CIOs sit in their chairs with sweaty palms and just pray that nothing bad happens to their infrastructure before a patch is made available to their team.
How many articles like this are going to be written in the next six months? One? Ten? It seems like it never ends.
If a micro-segmentation strategy based on zero trust were implemented, there would be no need to worry: the vulnerability would not be allowed to propagate, because the traffic it depends on and the services it uses would be blocked in both directions by security policy.
Employing a good micro-segmentation strategy that limits east-west traffic to only essential communication is easier than you think. It can be done at a scale and cost that will put these kinds of worries in your rear-view mirror.
But don't think about doing all this with a router, switch or firewall. Make sure you look at host-based segmentation. Get control of the packets where they are transmitted and received. Do it at the host. This is the place where you have all the control you need to manage east-west traffic.
And the beauty of all this? You already own that firewall. Just program what you already own. It's that easy!
A patch is currently not available. Microsoft intimated that one might arrive during next month's Patch Tuesday -- currently scheduled for April 14.