Application Development

Blue Mockingbird Vulnerability Picks up Steam—Telerik Guidance

Dealing with Blue Mockingbird vulnerabilities
by The Progress Team Posted on June 19, 2020

The Blue Mockingbird malware attack, which is compromising the security of many web applications, including Microsoft Information Services, SharePoint and Citrix, is also targeting old Telerik UI vulnerabilities that have already been fixed.

The attack often uses the known vulnerabilities CVE-2017-11317 and CVE-2019-18935 to upload and execute the malicious software to versions that have not been upgraded to the latest version of the Telerik UI for ASP.NET AJAX (also known as RadControls for ASP.NET AJAX).

Both of the vulnerabilities are already fixed, and, when they were found, Progress notified all of our active and inactive customers with instructions and mitigation steps so they could secure their apps. See the following blog posts:

For complete information, advice and instructions, please read the full post on Telerik.com.

progress-logo
The Progress Team
View all posts from The Progress Team on the Progress blog. Connect with us about all things application development and deployment, data integration and digital business.
More from the author

Related Tags

security Telerik UI

Related Articles

Progress DataDirect Now Connects to Denodo
Progress DataDirect has added Denodo, a data virtualization software platform, to its catalog of connectors.
Data & AI DataDirect
Todd Wright April 07, 2023
What Is the Difference Between SSO, 2FA and MFA?
Learn about the three main security protocols and their differences: Single Sign-On (SSO), Two-Factor Authentication (2FA) and Multi-Factor Authentication (MFA).
Digital Experience
Vyom Srivastava April 03, 2023
Website & App Security: What You Need to Know to Protect the Products You Build
What can you do to ensure that you’re not setting up your clients for failure or their end users for trouble? In this post, we’ll look at the four parts of a digital product that are the most vulnerable along with what you can do to secure those weak spots.
Application Development Digital Experience
Suzanne Scacca February 28, 2023
Prefooter Dots
Subscribe Icon

Latest Stories in Your Inbox

Subscribe to get all the news, info and tutorials you need to build better business apps and sites

Loading animation