Progress Orders ShareFile Admins to Shut Down File-Transfer Servers Over a "Credible Threat"
Progress Software, the company behind the file-sharing platform ShareFile, told every customer running its on-premises Storage Zone Controller to physically power those Windows servers down — immediately, and before Progress had explained why. The company's own wording was that it had identified "a credible external security threat" and was disabling account access as "a critical additional step to ensure the safety of your data." Beyond that, Progress hasn't said what the threat is, who's behind it, or whether any specific vulnerability is being exploited. It has said it currently has no evidence of unauthorized access to ShareFile accounts or data, and that it's working with outside security experts while it investigates.
What makes admins take this seriously isn't the technical detail — there isn't much yet — it's the shape of the advisory. A vendor telling customers to unplug servers rather than "apply this patch" usually means one of two things: a vulnerability serious enough that even a fast patch can't be trusted to close the gap in time, or evidence that attackers are already probing or exploiting something unpatched. Storage Zone Controllers are the same category of enterprise file-transfer software — internet-facing, holding sensitive client documents — that Progress's own MOVEit Transfer product was in when a 2023 zero-day in it was mass-exploited by the Clop ransomware gang against thousands of organisations. Security researchers are drawing that comparison directly, which is why an advisory with no CVE and no confirmed exploitation is still making headlines.
What this means for your business
Most small and mid-sized Malaysian businesses don't run ShareFile Storage Zone Controllers directly — this is enterprise on-premises software, not the hosted consumer product. But if you or a partner, accountant, or client uses it to move contracts, invoices, or personal data around, treat this as urgent this week:
- If you have a Storage Zone Controller running, take it offline now and wait for Progress's official update before bringing it back — don't assume "no confirmed breach yet" means it's safe to keep running.
- Check your version against Progress's advisory (5.12.4+ on the 5.x line, or any 6.x release) even though the company has cautioned that being current may not fully protect you against this specific threat.
- If a controller has been internet-accessible, ask whoever manages it to preserve logs and check for unfamiliar files before restoring service — the same discipline you'd apply after any suspected incident, not just a routine patch.
The broader lesson holds regardless of which vendor's name is in the headline: any file-transfer or document-sharing tool your business depends on is worth knowing the patch and incident-response posture of, because these platforms are exactly where sensitive client data concentrates in one place.