Oracle is urging customers to apply the patches it released last month as part of its quarterly Critical Patch Update (April 2020). Oracle says it has learned that several of the patched flaws are being actively exploited. One of those, CVE-2020-2883, is a critical remote code execution vulnerability in WebLogic Server.
Editor’s Note
[Ullrich]
A PoC exploit was released the day after the patch. Oracle only discovering now
that this vulnerability is being actively exploited is a bit late. If you
haven’t patched yet, your first call should be your incident response team.
Unless they are quite skilled, they will find a crypto coin miner, and call it
a day, leaving the actual compromise undetected. You may want to read up on
ransomware as this is probably what will hit you next.
[Murray]
The failure to "patch" in a timely manner demonstrates that the
strategy of placing responsibility for the quality of software on the end user
is not merely expensive but ineffective.
Read more in:
– blogs.oracle.com: Customers should apply the
April 2020 Critical Patch Update without delay!
– www.zdnet.com: Oracle warns of attacks
against recently patched WebLogic security bug
– threatpost.com: Oracle: Unpatched Versions
of WebLogic App Server Under Active Attack