🟠 High | Source: The Register — Security
Progress Software has issued an emergency directive instructing customers to shut down their on-premises ShareFile Storage Zones Controllers in response to an unspecified security threat. The company claims there is no evidence of unauthorised access, but the severity of the precaution — a full server shutdown — suggests the underlying risk is considered significant. ShareFile has previously been exploited in the wild, making this advisory particularly noteworthy for organisations running self-hosted instances.
Security Architect’s Take: If your organisation runs self-hosted ShareFile Storage Zones Controllers, comply with the shutdown directive immediately and check Progress’s support portal for remediation guidance before bringing instances back online. Review network egress logs for any anomalous outbound connections from ShareFile servers over the preceding weeks as a precautionary indicator-of-compromise check.
Original advisory: Progress orders emergency ShareFile server shutdown over mystery security threat