Progress orders ShareFile customers to shut down storage zone servers

Progress Software told ShareFile customers to power down on-premises Storage Zone Controllers over an undisclosed security threat.

CSBadmin
1 Min Read

Progress Software has ordered ShareFile customers to manually shut down their on-premises Storage Zone Controllers, responding to what it described as a “credible external security threat.” The emergency warning, sent by email on July 12, instructed organizations to turn off the Windows servers hosting the on-premises file-sharing component.

Progress said it had disabled cloud access to ShareFile accounts using Storage Zone Controllers but warned this was insufficient. “You must manually shut down the server hosting your Storage Zone Controllers,” the email read, calling it a critical step to protect data. The company declined to share details about the nature of the threat, which software versions were affected, or when systems could be safely restarted.

Speculation among customers points to an unauthenticated remote code execution vulnerability being actively exploited. Progress has history with these crises — the Clop ransomware gang’s mass exploitation of its MOVEit Transfer software in 2023 became one of the largest supply chain breaches on record. Customers have been told to keep Storage Zone Controllers offline while Progress completes its investigation.

CSBadmin

The latest in cybersecurity news and updates.

Share This Article
Follow:
The latest in cybersecurity news and updates.