Security News > 2023 > February > Actively exploited GoAnywhere MFT zero-day gets emergency patch
Fortra has released an emergency patch to address an actively exploited zero-day vulnerability in the GoAnywhere MFT secure file transfer tool.
"This patch was created as a result of the issue we disclosed in the Security Advisories published last week related to GoAnywhere MFTaaS. We urgently advise all GoAnywhere MFT customers to apply this patch," Fortra says.
"We urgently advise all GoAnywhere MFT customers to apply this patch. Once downloaded, we recommend working with your administrators to get the patch applied as soon as possible to ensure full remediation of the identified issue."
You can download the security patch from the "Product Downloads" tab at the top of the GoAnywhere account page after logging in.
On Monday, security researcher Florian Hauser of IT security consulting firm Code White also released a proof-of-concept exploit that could be used to achieve unauthenticated remote code execution on Internet-exposed and unpatched GoAnywhere MFT servers.
Exploit released for actively exploited GoAnywhere MFT zero-day.
News URL
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)