Progress Software has issued an urgent directive to all ShareFile customers, instructing them to immediately shut down their Windows servers running Storage Zone Controllers (SZCs) due to a credible external security threat. This precautionary measure includes temporarily disabling access to affected accounts while the company collaborates with internal and external security experts to investigate the issue. As of now, there is no evidence of unauthorized access to ShareFile accounts or data.
ShareFile is a widely used enterprise file-sharing service that allows organizations to store and share files securely. The Storage Zone Controller component enables customers to manage their data storage on-premises, providing greater control over sensitive information. The current security threat specifically targets these on-premises deployments, prompting the immediate shutdown recommendation.
Progress Software has not disclosed specific details about the nature of the threat or potential vulnerabilities being exploited. However, the company has emphasized the importance of taking immediate action to mitigate any potential risks. Customers are advised to keep their affected controllers offline until further guidance is provided.
In the interim, organizations should ensure that their Storage Zone Controllers are updated to the latest versions. Specifically, versions 5.12.4 or later on the 5.x line, or any 6.x release, address previously identified vulnerabilities. However, it’s important to note that updating to these versions does not necessarily mitigate the current threat, and the shutdown directive remains in effect.
Organizations with Storage Zone Controllers accessible from the internet should treat this situation as a potential security incident. It is recommended to preserve server logs, initiate incident response protocols, and inspect for any unfamiliar .aspx files in web folders and storage paths. The absence of obvious signs of compromise does not guarantee the server’s security.
This incident underscores the critical importance of proactive security measures and rapid response to emerging threats. Organizations must remain vigilant, regularly update their systems, and adhere to vendor recommendations to safeguard their data and infrastructure.