HomeWinBuzzer NewsSpring4Shell Java Vulnerability: Threat Actors Searching for Exploit

Spring4Shell Java Vulnerability: Threat Actors Searching for Exploit

Check Point security says Spring4Shell Java flaws could be exploited, while Microsoft urges customers to update systems.


The Spring4Shell Java flaw is dangerous and mostly affects technology companies, says security researcher Check Point. Furthermore, the company says threat actors are still actively hunting for an exploit for the vulnerability.

Check Point says the bug could create software supply chain issues and providers should be paying close attention to the flaw. In fact, has issued its own warning urging its customers to patch their systems to avoid the critical vulnerability that affects Java apps

The list of bugs includes CVE-2022-22947, which was a problem in VMware Tanzu, alongside CVE-2022-22963 and CVE-2022-22965, affecting Java applications.


According to Check Point, threat groups are seeking exploits against the flaws. The firm points out 16% of global organizations have faced attempted exploitation attacks against them. Most target companies are in Europe and since the Spring4Shell vulnerability was found, 37,000 attempts have been recorded.

“The most impacted industry is software vendor where 28% of the organization were impacted by the vulnerability,” Check Point says. Next is education/research organizations, followed by education/research.  

“Organizations using Java Spring should immediately review their software and update to the latest versions by following the official Spring project guidance,” Check Point says

Java is still one of the most common languages for building applications in the enterprise space. As such, millions of apps and thousands of organizations are potentially at risk. Microsoft is telling customers can monitor register keys via mobile device management to protect against these kinds of flaws.

Tip of the day: Windows Update downloads can often be frustrating because they are several gigabytes in size and can slow down your internet connection. That means your device may work with reduced performance while the update is downloading. In our guide we show you how to limit bandwidth for Windows Update downloads, so they won't bother you again.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News