Software developer Kaseya claims that its software has been fully patched following a ransomware attack first announced on July 2.
Kaseya's customers had scrambled to respond to the ransomware attack that became public over the July 4th holiday weekend. Kaseya has said that up to 60 of its MSP customers were hit by attackers, with impacts on up to 1,500 of those MSP's clients.
Recently, Kaseya's customers learned that Kaseya had been aware of the vulnerabilities in its software for several months.
The Dutch Institute of Vulnerability Disclosure, or DIVD, had found seven vulnerabilities, six of which affected the software-as-a-service and on-premises versions of VSA and one of which only affected the on-premises version.
DIVD claimed that it notified Kaseya of the vulnerabilities on April 6 and that Kaseya began developing and implementing security patches in May and June.
Time will tell if Kaseya's patches are effective to eliminate the vulnerabilities.