Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploiting
Soon after, a guide to exploiting the Spring4Shell vulnerability in the Spring Framework was posted on GitHub and deleted. But the internet was an open world, so that exploit was quickly re-shared elsewhere and tested and confirmed by security researchers as a standard Spring4Shell-only exploit.
The Spring4Shell vulnerability exists in Spring Core, a core component of the Spring Framework open source code. Currently, Spring Framework is commonly used in web applications. It is estimated that about 50% of web applications written in Java use Spring Core. According to the assessment, Sping4Shell is more dangerous than the Log4Shell vulnerability, one of the most dangerous vulnerabilities of the decade that was discovered at the end of 2021.
According to the Cybersecurity Monitoring Center, there have been groups of hackers that have scanned and tested Spring4Shell on some technology systems of agencies and organizations.
To fix the vulnerability, IT admins need to update to the following versions:
- Spring Framework 5.3.18 and Spring Framework 5.2.20.
- Spring Boot 2.5.12.
- Spring Boot 2.6.6 (to be released soon).
The Spring4Shell vulnerability is particularly dangerous because developers often use sample code for their applications. Therefore, many applications are at risk of being attacked online.
Admins need to prioritize deploying updates as soon as possible. The reason is because hackers are actively exploiting new vulnerabilities.
Kareem WintersYou should read it
- 12-year vulnerability in pkexec gives hackers root privileges on Linux
- Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackers
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Specter V2 vulnerability re-appears to attack Intel, Arm CPUs, AMD chips are not affected
- Detected a serious zero-day vulnerability in Microsoft Office, click the document file and it will stick
- 'Printer Catastrophe' Vulnerability Threatens All Versions of Windows
- Google discovered a dangerous zero day vulnerability on many Samsung Galaxy, Huawei, Xiaomi and even Pixel phones
- What is VENOM Vulnerability? How can you protect yourself?
May be interested
- A month before your heart attack, your body will show 8 warning signs!
here are 8 important warning signs that may appear 1 month in advance or even earlier, indicating that you may have a heart attack. invite you to consult! - Metasploit - Tool to exploit vulnerabilitiesthe metasploit framework is an environment used to test, attack, and exploit service errors. metasploit is built from perl object-oriented language, with components written in c, assembler, and python. metasploit can run on most operating systems: linux, windows, macos.
- 8 abnormal signs on the skin warning the body is having serious health problemslet us explore the 8 abnormal signs on the skin that warn the body of serious health problems that you should not ignore!
- 9 abnormal signs in the legs warning the body is having health problemsin many cases, the signs in your legs only tell you about your body problems. let's take a look at 9 unusual signs in the legs warning the body is having health problems below!
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worsea new windows search vulnerability can be exploited to automatically open a search window containing remotely hosted malicious executable files just by launching a word document.
- Critical Vulnerability Discovered in 3 WordPress Plugins, Affects 84,000 Websitessecurity researchers have just disclosed a new vulnerability affecting three different wordpress plugins, posing a security risk to 84,000 websites. by exploiting this vulnerability, hackers can take control of the affected websites.
- Warning signs that you are lacking Vitamin Dan estimated 1 billion people around the world are deficient in vitamin d. the number is huge, and lack of this nutrient can lead to many health problems that you need to be aware of.
- Signs that your body is silently calling for helpyour body sends you subtle signals to let you know something is wrong. these signs can help you identify potential problems early.
- 8 signs of abnormal eye warning about your healthhere are 8 unusual eye signs that warn your health not to be missed!
- 12-year vulnerability in pkexec gives hackers root privileges on Linuxresearchers have just issued a warning about a vulnerability in polkit's pkexec component that is assigned the code cve-2021-4034 (and is known as pwnkit).
Technology story
- Microsoft allows users to reactivate Windows App installer
- This is the world's fastest ransomware, encrypting 53GB of data in just over 4 minutes
- Teen hacker is believed to be behind the notorious hacker group Lapsus$
- Lapsus$ hacker group claims to be in possession of Microsoft's source code
- Microsoft will improve the experience of playing audio CDs in Windows 11
- Malware sneaks into iOS through Apple's official distribution channels
Microsoft allows users to reactivate Windows App installer
This is the world's fastest ransomware, encrypting 53GB of data in just over 4 minutes
Teen hacker is believed to be behind the notorious hacker group Lapsus$
Lapsus$ hacker group claims to be in possession of Microsoft's source code
Microsoft will improve the experience of playing audio CDs in Windows 11
Malware sneaks into iOS through Apple's official distribution channels