Progress Software has ordered the immediate shutdown of all Windows servers running its ShareFile Storage Zone Controllers, citing a "credible external security threat." The directive, aimed at on-premises deployments, represents a drastic containment measure in response to an active and severe security incident.

Confirming the move to The Hacker News, the company stated it has temporarily disabled access to affected accounts "out of an abundance of caution" while collaborating with internal and external security experts. This step, combined with the hardware shutdown order, points to a critical threat that cannot be mitigated by standard software patches or configuration changes alone.

The emergency measure forces IT administrators into a difficult operational trade-off. Storage Zone Controllers are fundamental to ShareFile’s data storage and transfer capabilities. Powering them down will immediately halt corporate file-sharing and collaboration workflows, disrupting business continuity in the interest of security.

The requirement for a physical shutdown, rather than an emergency patch, strongly suggests an actively exploited vulnerability, such as a zero-day flaw, or in-the-wild malicious activity like ransomware or data exfiltration. Such severe threats often bypass software-level defenses, necessitating isolation at the network or power level.

This incident marks the second major security crisis for Progress Software in recent years, following the widespread MOVEit Transfer data breach campaign in 2023. While affecting a different product, the recurring high-impact vulnerabilities continue to raise questions about the security posture of the company's widely used enterprise software portfolio.

As Progress Software's investigation continues, its primary focus is on containment. Customers are now awaiting critical details: the precise nature of the threat, confirmation on whether any data was exfiltrated, and a secure roadmap for recommissioning their servers. The event underscores the systemic risk inherent in enterprise software, where a flaw in a single, pervasive component can force widespread operational disruption.


Progress Software 已下令立即關閉所有運行其 ShareFile Storage Zone Controllers 的 Windows 伺服器,理由是存在「可信的外部安全威脅」。此指令針對本地部署環境,代表一項為應對活躍且嚴重安全事件而採取的嚴厲遏制措施。

該公司向 The Hacker News 確認此舉時表示,「為了極度謹慎」,已暫時停用受影響帳戶的存取權限,並正與內部及外部安全專家合作。此步驟結合硬件關閉命令,顯示威脅極為關鍵,無法僅透過標準軟件補丁或配置更改來緩解。

這項緊急措施迫使 IT 管理人員面臨艱難的營運抉擇。Storage Zone Controllers 是 ShareFile 數據儲存與傳輸功能的核心。將其關停將立即中斷企業的文件共享與協作流程,為了安全而犧牲業務連續性。

要求物理關機而非緊急修補,強烈暗示存在一個正被 actively exploited 的漏洞,例如零日漏洞缺陷,或在野惡意活動如勒索軟件或數據外洩。這類嚴重威脅通常能繞過軟件層面的防禦,需要在網路或電源層級進行隔離。

此事件標誌著 Progress Software 近年來第二起重大安全危機,此前是 2023 年廣泛的 MOVEit Transfer 數據外洩攻擊活動。雖然影響不同產品,但反覆出現的高影響力漏洞持續引發外界對該公司廣泛使用的企業軟件組合安全狀況的質疑。

隨著 Progress Software 的調查持續進行,其首要重點是遏制。客戶目前正等待關鍵細節:威脅的確切性質、是否有數據被外洩的確認,以及重新啟用伺服器的安全路線圖。此事件凸顯了企業軟件固有的系統性風險——單一普遍組件的缺陷可能迫使大規模營運中斷。

新聞來源 / Original News Source