Log4J – What it is. And What You Need to Know.
What is Log4J?
Log4j2, also known as Log4Shell, is a vulnerability that exploits Apache Log4j – a free, open source software that provides logging functionality, debugging and other mundane functions most people don’t think about.
On December 10th, the National Institute of Standards and Technology (NIST) issued cyber security alert CVE-2021-44228 giving it a “10.0 Critical” severity rating. If exploited, bad actors can completely take over a server running Log4J, steal money, data, etc. via Remote Code Execution (RCE).
How Widespread is the Log4j Vulnerability?
Because of its reliability and flexibility, Log4j is used by thousands of websites and applications across the world. Companies like VMware, Microsoft, Cisco and others are evaluating various product sets to determine the extent of the exposure. One thing we do know, is the challenge is worldwide and it affects companies of all sizes.
A list of known Log4j related softwares has been published on Github to help identify where you may have vulnerabilities. Important to note is that the risk of exploitation applies to public devices and applications.
What is being done?
The Apache Software Foundation has issued patch revision 2.16 which disables some underlying code within Log4j 2 that allows exploitation. But with the widespread nature of the framework/applet it is not yet know how many systems, appliances, and software applications are affected.
ISG Technology is actively working with our vendors and partners to identify any potential exposure that may exist within our customer base. We are also scanning our systems and the customer systems which we manage to find and address Log4j vulnerabilities. If you have any questions, please reach out to your ISG representative or Contact Us to schedule a meeting.
What can you do to protect yourself?
Apply the Patch – The first thing to do is apply the Log4j patch if the application allows for it. Please note that most vendors/manufacturers will need to provide unique patches for their specific applications. And, just like any patch, this can cause downstream issues. So, make sure to check any connected systems to ensure they are fully operational after the patch.
Scan Your Systems – There are a handful of ways to scan your systems for this vulnerability. If you’d like help doing this, reach out to your ISG representative or Contact Us to schedule a meeting.