A patch for the recently discovered zero-day vulnerability in the GoAnywhere managed file transfer (MFT) software has been released. About a week ago, reports of active exploitation started to surface, but the specifics of the attacks are still unknown.
On February 1, Fortra, formerly HelpSystems, warned GoAnywhere MFT users about a “zero-day remote code injection exploit.” Since then, the company has published two additional security alerts, each of which offers mitigations and signs of a compromise (IoCs). Users of GoAnywhere are currently receiving notification that a patch is available.
Users are advised to install GoAnywhere MFT 7.1.2 as soon as possible. This is an urgent matter, especially for customers who run admin portals that are accessible via the Internet, the company stated.
Read More: Patch Released for Actively Exploited GoAnywhere MFT Zero-Day
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.