Critical Spring4Shell Vulnerability Update

In this article:

It’s patch-tastic at the moment and over the weekend our security partners Arctic Wolf sent communication on #Spring4Shell, a freshly discovered vulnerability in the popular Spring Java framework The vulnerability leaves systems susceptible to unauthenticated remote code execution (RCE). The vulnerability, assigned CVE-2022-22965, received a critical severity rating and impacts not only Spring MVC but also Spring WebFlux applications running

It’s patch-tastic at the moment and over the weekend our security partners Arctic Wolf sent communication on #Spring4Shell, a freshly discovered vulnerability in the popular Spring Java framework The vulnerability leaves systems susceptible to unauthenticated remote code execution (RCE). The vulnerability, assigned CVE-2022-22965, received a critical severity rating and impacts not only Spring MVC but also Spring WebFlux applications running JDK 9+.

Your Data Health is your Greatest Wealth

Arctic Wolf have released a new open-source scanner tool to ID systems that are vulnerable to Spring4Shell and have prepared additional recommendations for you in 3 easy steps;

#1 Scan your environment with Spring4Shell Deep Scan tool
#2 Apply updates for Spring Framework to relevant systems
#3 Apply updates for Spring Cloud function

The Trustco team are here to help you. More than ever data security is in the spotlight and the need for spotting vulnerabilities, assessing and reducing risks to both your data, your systems as well as your connections to your customers and partners is increasingly priority number one. We know that there’s a global shortfall of Information Security Architects and Analysts and it’s an increasing challenge for many IT teams to keep up not having the resources, expertise. The increase of security alerts and updates is quite frankly overwhelming and unmanageable for most businesses. This is why Trustco offer SOC – a Managed Security Operations Cloud. We provide a full security concierge team, combining the best of AI and human pairings to provide full managed detection and response, managed risk, managed security awareness and managed cloud monitoring. This innovative Security Operations platform and concierge delivery model enables you to end cyber risk.

GET YOUR FREE DEEP SCAN TOOL

For free secure access to the Spring4Shell deep scan tool and full detailed recommendations contact Trustco today – hello@trustco.co.uk or call the Trustco team on 0344 8801999 and register your details for more information.

Latest posts

19/05/2025

Cyber Insurance Premiums are Increasing: How to Prepare 

Featured image for “Cyber Insurance Premiums are Increasing: How to Prepare ”
12/05/2025

Opinion: The Onslaught of Cyber Attacks on UK Retail Should Be a Wakeup Call for Us All

Featured image for “Opinion: The Onslaught of Cyber Attacks on UK Retail Should Be a Wakeup Call for Us All”
16/04/2025

Extraordinary: Trustco’s Neurodivergent Employee Stories

Featured image for “Extraordinary: Trustco’s Neurodivergent Employee Stories”
04/04/2025

Veeam Rolls Out Unlimited Cloud Backup for Microsoft 365 & Entra ID

Featured image for “Veeam Rolls Out Unlimited Cloud Backup for Microsoft 365 & Entra ID”
19/03/2025

Passwords, Passkeys and Quantum Computing: The Saga of Logging In

Featured image for “Passwords, Passkeys and Quantum Computing: The Saga of Logging In”