A network administrator discovers an unpatched vulnerability in the organization's server software that is actively being exploited in the wild. After investigating, they find out that this vulnerability has a designated identification number assigned by the CVE program. What is the most appropriate initial action for the administrator to take to protect against this specific vulnerability?
Disable the affected server until a solution can be found
Install an additional firewall to block the attack vector
Conduct a thorough risk assessment to understand potential impacts
Add redundant servers to the network to dilute the impact of the exploitation
Apply the patch provided by the vendor to mitigate the vulnerability
Change the network topology to restrict access to the vulnerable server