Security

Spring4Shell Statement

ByNathan Pabon April 6, 2022April 6, 2022

A remote code execution (RCE) vulnerability dubbed “Spring4Shell” (CVE-2022-22965) has been made public on Twitter by an unknown user.

The proof of concept provided in those since-deleted Tweets demonstrates an exploit for a vulnerability in the Spring framework for Java.

It appears to affect services running Spring on Java 9 or newer, particularly those running Apache Tomcat.

LunaSec has an in-depth write-up analyzing the vulnerability and providing various mitigation methods in their blog post.

It is highly recommended that users with Apache Tomcat servers configured with the Spring Framework to update to versions 5.3.18 and 5.2.20 or greater.

Addigy is not impacted by this vulnerability as it does not use Java or Tomcat in its infrastructure.

We will be closely monitoring the situation and will provide updates as needed.

Thank you,

Addigy Security Team

Industry Insights

Costs & Benefits of MDM Migration

December 12, 2019March 3, 2020

Whether you have a mobile device management (MDM) provider today and you’re thinking of migrating to another or…

Addigy News | Product | Security

Improve Your Cybersecurity Posture with Addigy’s Pre-built Customizable Benchmarks

March 16, 2023April 24, 2023

In today’s technology-driven world, organizations are constantly looking for ways to improve their cybersecurity posture. One of the…

Addigy News | Industry Insights | Security

Everything You Need to Know About Apple’s First-Ever Rapid Security Response Update

May 4, 2023May 18, 2023

Learn about Apple’s recent Rapid Security Response update, its importance in cybersecurity, how to manage and implement it, and common issues related to its installation and protection, with the help of Addigy’s self-healing mechanism.

Security

New macOS Malware: SysJoker Malware Targets macOS on Intel and M1 Devices

January 18, 2022January 19, 2022

SysJoker Malware Targets macOS on Intel and M1 Devices The cybersecurity firm Intezer has discovered a backdoor that…

Addigy News | Security

How To Run a Script To Bypass Security Bug for macOS (versions 10.15 to 11.2)

April 29, 2021April 30, 2021

A serious security bug, with the identifier CVE-2021-30657, has recently been publicized and patched. However, it has been…

Industry Insights | Security

Addigy and Apache’s Log4J2 CVE-2021-44228 Status

December 12, 2021August 4, 2022

Addigy is aware of a recently disclosed security issue relating to the open-source Apache “Log4j2” utility (CVE-2021-44228). At the time of writing, Addigy does not use this library or has plans to use this library to provide its core services.

Spring4Shell Statement

Costs & Benefits of MDM Migration

Improve Your Cybersecurity Posture with Addigy’s Pre-built Customizable Benchmarks

Everything You Need to Know About Apple’s First-Ever Rapid Security Response Update

New macOS Malware: SysJoker Malware Targets macOS on Intel and M1 Devices

How To Run a Script To Bypass Security Bug for macOS (versions 10.15 to 11.2)

Addigy and Apache’s Log4J2 CVE-2021-44228 Status

Latest Articles

Security. Scalability. Apple Expertise.

Company

Support

Resources

Similar Posts

Security. Scalability. Apple Expertise.

Company

Support

Resources