Subscribe

Attackers Target Microsoft’s Cloud Services Spring4Shell RCE Flaw

Microsoft has uncovered a “low volume of exploit attempts” deploying Spring4Shell vulnerability exploits against its cloud infrastructure.

Spring4Shell is an RCE vulnerability that has been identified as CVE-2022-22965 and affects the Spring Framework.

Attackers can exploit the vulnerability by sending specially crafted queries to servers running the Spring Core framework to create web shells in the Tomcat root directory.

Hackers can exploit the vulnerability to execute commands on the compromised server.

However, Microsoft said that it has not yet seen “any impact to the security of our enterprise services and have not experienced any degraded service availability due to this vulnerability.”

Although the bug only affects systems with certain configurations, Microsoft explained that “any system using JDK 9.0 or later and using the Spring Framework or derivative frameworks should be considered vulnerable.”

Admins are advised to check that their servers are vulnerable to Spring4Shell attacks by issuing a non-malicious command.

For more information, read the original story in BleepingComputer.

Top Stories

Toyota confirms leak of 240GB of sensitive data in recent hack

Former Google CEO Eric Schmidt makes controversial comments

Study finds 94% of spreadsheets have critical errrors

Study says 94% of spreadsheets contain critical errors

Elon Musk claims DDoS attack caused issues in live-streamed interview with Trump – experts are skeptical

Google anti-trust ruling a financial disaster for Firefox

Related Articles

HP Settles Lawsuit Over Blocking Third-Party Ink With Printer Updates

March 26, 2025 HP has agreed to settle a class-action lawsuit accusing the company of disabling printers that used third-party ink more...

Europe Seeks Alternatives to U.S. Cloud Providers Amid Sovereignty Concerns

March 26, 2025 European nations and companies are actively pursuing alternatives to U.S.-based cloud service providers, driven by concerns over data more...

Google Confirms Data Deletion Error in Drive and Photos

March 23, 2025 Google has admitted to a technical error that caused some users’ files to be accidentally and permanently deleted more...

AWS claims its competition is “repatriation” with customers returning to on-premises infrastructure

September 18, 2024 In a surprising turn of events, cloud giant Amazon Web Services (AWS) is now claiming that it faces more...

Jim Love

Jim Is and author and pud cast host with over 40 years in technology.

Share:
X/Twitter
Linkedin
Blue Sky
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.