Progress Software Says Purported Bug in MOVEit Isn’t a Fourth ‘Zero Day’

Progress Software Corp. said it has investigated a new purported flaw in its file-sharing software submitted by an anonymous researcher and determined it is not a zero day, the term used for a vulnerability that doesn’t have a fix.

The company’s MOVEit software is at the center of an ongoing hacking campaign by a group called Clop. The Russian-speaking group exploited a zero day in the software, claiming to steal files from hundreds of companies and organizations. In the weeks since the breach was discovered, researchers discovered two more zero days. Progress has issued fixes, or patches, for the three zero days that have been identified.