On December 9th, 2021, it was revealed that there is a remote code execution vulnerability in Apache log4j, being actively exploited by attackers, prompting the US Cybersecurity and Infrastructure Security Agency to issue a statement about this software bug on December 11th, 2021.
What Is Log4j?
Log4j is a popular java open-source logging library used in countless applications across the world. Its lightweight framework allows developers to create a log of everything an application has done for the purpose of debugging.
What is the exploit?
Log4j allows logged messages to contain format strings that reference outside information through the Java Naming and Directory Interface (JNDI). If someone sends the library a message in the form of a special string of characters, it enables attackers to perform remote code execution, which means they can run any code and access all data on the affected machine.
Who is affected?
The full scope of this exploit has not been fully uncovered, but the impact is wide and far reaching. New information is being actively reported, and you can view an active list of affected vendors and their responses here.
Our managed services clients have properly configured firewalls with threat protection that prevents this exploit from outside attackers. Virtuas has assisted clients to identify any affected systems and promptly applied the necessary updates to improve the security posture.
If you are not currently a customer and need assistance with this threat or any other, please contact us.