Microsoft has reported that it is currently tracking a low volume of exploit attempts targeting CVE-2022-22965 (aka Spring4Shell) across its cloud services. CVE-2022-22965 is a critical remote code execution vulnerability affecting the Spring Core Java framework. This reporting aligns with estimates from other security vendors, which suggest approximately 16% of organisations vulnerable to Spring4Shell have been targeted.

Download the report