[Progress News] [Progress OpenEdge ABL] Blue Mockingbird Vulnerability Picks up Steam—Telerik Guidance

Not open for further replies.

The Progress Team

The Blue Mockingbird malware attack, which is compromising the security of many web applications, including Microsoft Information Services, SharePoint and Citrix, is also targeting old Telerik UI vulnerabilities that have already been fixed.

The attack often uses the known vulnerabilities CVE-2017-11317 and CVE-2019-18935 to upload and execute the malicious software to versions that have not been upgraded to the latest version of the Telerik UI for ASP.NET AJAX (also known as RadControls for ASP.NET AJAX).

Both of the vulnerabilities are already fixed, and, when they were found, Progress notified all of our active and inactive customers with instructions and mitigation steps so they can secure their apps. See the following blog posts:

For complete information, advice and instructions, please read the full post on Telerik.com.

Continue reading...
Not open for further replies.