Important Security Notification Regarding Log4j2

As you might have heard in the news, a critical vulnerability has been discovered in Log4j2 that is actively being exploited. 

 

What is Going On?

A critical vulnerability has been discovered in Log4j that is actively being exploited. CVE-2021-44228, also named Log4Shell or LogJam, is a Remote Code Execution (RCE) class vulnerability. If attackers manage to exploit it on a server, they gain the ability to execute arbitrary code and can potentially take full control of the system.

 

What can iWeb/the Customer do to Defend Against This?

Currently, there is a newer version for Log4j available, or a workaround to mitigate the vulnerability. We at iWeb urge you to please check your own systems, and install the new version and or workarounds as soon as possible. 

 

Where Can I Get More Information?

For more details please check: https://logging.apache.org/log4j/2.x/security.html

0 Comments

Article is closed for comments.
Powered by Zendesk