Progress Tells ShareFile Customers to Take Storage Zone Controllers Offline Amid Security Threat
Progress Software is urging ShareFile customers to shut down Windows servers running Storage Zone Controllers after the company said it was responding to a credible external security threat. The vendo...
Progress Software is urging ShareFile customers to shut down Windows servers running Storage Zone Controllers after the company said it was responding to a credible external security threat. The vendor said it temporarily suspended access to affected accounts as a precaution while internal and external security teams investigate.
In a statement, Progress said it has not found evidence that ShareFile accounts or customer data were accessed without authorization. The company has also not disclosed the nature of the threat or identified any actor behind it. The advisory became public after a customer shared the notice online, and Progress later confirmed the incident on its status page, where Storage Zone Controller customers were listed as not operational.
What is affected
The issue appears limited to the Storage Zone Controller component, not standard cloud-only ShareFile accounts. Because this controller is typically hosted by customers and often exposed to the internet, it can serve as a high-value target in enterprise environments. Progress’s decision to advise customers to fully power down the systems, rather than simply apply a patch, suggests there is no immediate fix available yet.
Steps organizations should take
- Keep affected Storage Zone Controllers offline until Progress provides further guidance.
- Verify installations are on the latest supported releases, including 5.12.4 or later on the 5.x line or a current 6.x build.
- Preserve logs and begin incident response procedures if the controller was internet-facing.
- Check for unfamiliar .aspx files or unexpected changes in web and storage directories.
The incident comes against a familiar backdrop for ShareFile customers. In 2023, attackers exploited a critical unauthenticated flaw in the Storage Zones Controller when the product was still under Citrix ownership, prompting access restrictions for unpatched systems. Progress acquired ShareFile in 2024 and has also dealt with the widely exploited MOVEit campaign.
For now, the key unanswered questions remain the same: what threat Progress is facing, whether any systems were compromised, and when customers can safely bring Storage Zone Controllers back online.
