Dear customers and prospects,
It has been already 2 weeks since the IT security experts from Canada and Saudi Arabia began to warn SharePoint users about the attacks to Microsoft SharePoint servers using the known CVE-2019-0604 vulnerability.
According to Microsoft security notice this vulnerability allows the execution of any particular code in the context of the SharePoint application pool and the SharePoint server account. The company has corrected CVE-2019-0604 with the release of patches in February, March and April this year.
VirtoSoftware warns clients that in order to avoid these attacks it’s recommended to install the latest security updates on SharePoint servers. If these patches cant be installed, then the servers should be protected using firewall.
VirtoSoftware confirms none of its web parts were affected during these attacks. We’re ensuring 100% security for our customers worldwide incl. Fortune 500 companies and public administrations especially while using our support and security consulting services included in our Virto ONE license.