After the discovery of a significant new vulnerability that affects a widely used web server application, your organization needs to determine the most appropriate response. The vulnerability allows remote code execution and has a high CVSS score. There is a patch available, but extensive testing has not yet been completed. What is the most appropriate immediate action to take?
Disconnect all web servers from the network until the patch can be tested, sacrificing availability for security.
Accept the risk and wait for other organizations to report on the patch's effectiveness before applying it.
Implement a compensating control until the patch can be fully tested and deployed.
Implement the untested patch immediately to all production servers to mitigate the vulnerability as quickly as possible.