Subscribe

Attackers Target Microsoft’s Cloud Services Spring4Shell RCE Flaw

April 7, 2022

Microsoft has uncovered a “low volume of exploit attempts” deploying Spring4Shell vulnerability exploits against its cloud infrastructure.

Spring4Shell is an RCE vulnerability that has been identified as CVE-2022-22965 and affects the Spring Framework.

Attackers can exploit the vulnerability by sending specially crafted queries to servers running the Spring Core framework to create web shells in the Tomcat root directory.

Hackers can exploit the vulnerability to execute commands on the compromised server.

However, Microsoft said that it has not yet seen “any impact to the security of our enterprise services and have not experienced any degraded service availability due to this vulnerability.”

Although the bug only affects systems with certain configurations, Microsoft explained that “any system using JDK 9.0 or later and using the Spring Framework or derivative frameworks should be considered vulnerable.”

Admins are advised to check that their servers are vulnerable to Spring4Shell attacks by issuing a non-malicious command.

For more information, read the original story in BleepingComputer.

Top Stories

Apple taps Google’s Gemini to strengthen AI push including Siri upgrade

Canadian startup Kepler launches commercially operational optical satellites

Grok generating non-consensual sexualized images in thousands hourly, researcher finds 

Malicious browser extensions are harvesting ChatGPT conversations at massive scale

10 game-changing technology unveiled at CES 2026 so far

Canadian fugitive connected to Desjardins data breach arrested in Spain

Related Articles

Cloudflare threatens to pull out of Italy after €14M Piracy Shield fine

January 13, 2026 Cloudflare’s standoff with Italy has escalated from a regulatory dispute into a high-stakes showdown. The company is more...

Apple taps Google’s Gemini to strengthen AI push including Siri upgrade

January 13, 2026 Apple has struck a multiyear partnership with Google to power key AI features across its ecosystem. Including more...

Canadian startup Kepler launches commercially operational optical satellites

January 12, 2026 A Canadian space company is about to make history. On Sunday, Toronto-based Kepler Communications will launch 10 more...

Dell admits AI isn’t driving PC upgrades as expected

January 12, 2026 Microsoft’s vision for the future of the PC is built around Copilot, an AI assistant meant to more...

Picture of TND Newsdesk

TND Newsdesk

Picture of TND Newsdesk

TND Newsdesk

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.