Security News > 2021 > July > Kaseya Patches Zero-Days Used in REvil Attacks

Kaseya made good on its promise to issue patches by July 11.

On Saturday, the company behind the Virtual System/Server Administrator platform that got walloped by the REvil ransomware-as-a-service gang in a massive supply-chain attack released urgent updates to address critical zero-day security vulnerabilities in VSA. Kaseya released the VSA 9.5.7a update to fix three zero-day vulnerabilities used in the ransomware attacks.

Kaseya already knew about these bugs when the attacks were launched.

When the outlet asked Kaseya to address the anonymous workers' accusations, a Kaseya spokesperson declined, citing a policy of not commenting on matters involving personnel or the ongoing criminal investigation into the hack.

To support his statement, Schrader pointed to Cisco IOS device(s) with an outdated cert used by Kaseya itself, noting that there are a couple of IPs showing the same issue.

Most of the seven vulnerabilities reported to Kaseya by DVID were patched on Kaseya's VSA SaaS service, but up until Saturday, three outstanding security holes on the VSA on-premise version still needed to be battened down.

News URL

https://threatpost.com/kaseya-patches-zero-days-revil-attacks/167670/