GBS is proactively monitoring the situation. We are working with our partners and clients to limit the exposure brought about by this vulnerability.
THREAT SUMMARY:
The Java software library “log4j” features a significant technical vulnerability and is therefore a potential gateway for cyber-attacks. The focus is on applications that can be accessed from the Internet and that use the log4j library (CVE-2021-44228). This vulnerability needs to be closed as soon as possible to protect yourself and your systems from attacks and especially against ransomware.
Actions needed:
• Scan all your IT applications for the log4j library
• Apply a patch or alternatively a parameter fix
• Details can be found on the following website: United States Cybersecurity & Infrastructure Security
MORE DETAIL:
The Log4j vulnerability affects everything from the cloud to developer tools and security devices. Here’s what to look for, according to the latest information. A flaw in Log4j, a Java library for logging error messages in applications, is the most high-profile security vulnerability on the internet right now and comes with a severity score of 10 out of 10.
The library is developed by the open-source Apache Software Foundation and is a key Java-logging framework. Since last week’s alert by CERT New Zealand that CVE-2021-44228, a remote code execution flaw in Log4j, was already being exploited in the wild, warnings have been issued by several national cybersecurity agencies, including the Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC). Internet infrastructure provider Cloudflare said Log4j exploits started on December 1.
WHAT DEVICES AND APPLICATIONS ARE AT RISK?
Basically any device that’s exposed to the internet is at risk if it’s running Apache Log4j, versions 2.0 to 2.14.1. NCSC notes that Log4j version 2 (Log4j2), the affected version, is included in Apache Struts2, Solr, Druid, Flink, and Swift frameworks.
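One way to carry out the scan step for copies of the library on disk, as an added example (not code from GBS, ZDNet or the Apache project): it opens each .jar/.war/.ear, including archives bundled inside them, reads the version from log4j-core's Maven metadata and compares it with the 2.0 to 2.14.1 range given above. The function names and status labels are this example's own.

```python
import io
import os
import re
import zipfile

# Real entries in a log4j-core JAR: its Maven metadata and the JNDI lookup class.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
JNDI = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVES = (".jar", ".war", ".ear")
STATUS = {True: "affected", False: "outside range", None: "review manually"}


def in_affected_range(version):
    """True for 2.0 through 2.14.1 (the range this page gives); None if unparsable."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        return None
    return (2, 0, 0) <= tuple(int(p or 0) for p in m.groups()) <= (2, 14, 1)


def scan_archive(data, label, depth=0):
    """Return (label, version, status, has_jndi_class) for this archive and nested ones."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:  # truncated or non-ZIP file with an archive extension
        return findings
    with zf:
        names = set(zf.namelist())
        if POM in names:
            m = re.search(r"^version=(.+)$", zf.read(POM).decode("utf-8", "replace"), re.M)
            version = m.group(1).strip() if m else "unknown"
            findings.append((label, version, STATUS[in_affected_range(version)], JNDI in names))
        elif JNDI in names:  # class present without metadata, e.g. a repackaged copy
            findings.append((label, "unknown", STATUS[None], True))
        for name in sorted(names) if depth < 5 else []:  # fat JARs / WARs bundle JARs
            if name.lower().endswith(ARCHIVES):
                findings += scan_archive(zf.read(name), f"{label}!{name}", depth + 1)
    return findings


def scan_tree(root):
    """Scan every .jar/.war/.ear under root on disk."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for path in (os.path.join(dirpath, f) for f in files if f.lower().endswith(ARCHIVES)):
            with open(path, "rb") as fh:
                findings += scan_archive(fh.read(), path)
    return findings
```

Call `scan_tree("/path/to/apps")` and patch every entry reported as "affected". The scan only sees packaged archives, so classes unpacked into a directory need a separate check.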
Mirai, a botnet that targets all manner of internet-connected (IoT) devices, has adopted an exploit for the flaw. Cisco and VMware have each released patches for their affected products.
(Credit ZDNet, Liam Tung)