Skip to main content

Log4J2 Vulnerability

On December 9, 2021, a very serious Zero-Day vulnerability in the common Java-based logging package Log4j was revealed. This threat can allow code to be executed remotely. Because of the widespread use of Java and Log4j this is likely one of the most serious vulnerabilities on the Internet today. Applications including VMware Horizon, Apple iCloud, Steam, Tesla, Minecraft, and many others are affected.

The Cybersecurity and Infrastructure Security Agency (CISA) released an advisory Friday encouraging users and administrators to apply the appropriate mitigations.

Several security vendors and threat researchers have noted that Log4j 2 is used in many major cloud services, applications, and PC games, including Apple iCloud, Minecraft, and Cloudflare.

What to do…

Hopefully, your affected application vendors have already reached out…  if not, we recommend that you reach out to your vendors to check if they have been exposed and If they have been finding out from them what they are recommending you do to mitigate the risk. Applications that are web-facing are the most vulnerable to an attack. As patches are released for mitigation you should apply them with urgency to remediate the vulnerability.

What is a Zero-Day Threat?

A Zero-Day threat (or zero-hour threat) is a cybersecurity threat that hasn’t been seen before and doesn’t match any known malware signatures, making it impossible to detect by traditional antivirus solutions. This type of threat may be a new malware variant infecting a system by traditional means or may exploit a previously unknown software vulnerability (zero-day vulnerability).

Every day, your business depends on information technology (IT) to operate. Thank you for letting us be there for you.

Braver Technology Solutions | WeMakeITWork@BraverTechnology.com
Boston 617.315.8515 | Taunton 508.824.2260 | Providence 401.484.7900

Jenn Gervais

Jenn Gervais is the Marketing Manager for Braver Technology. Her work is focused on building the Braver brand thru awareness and education, reaching clients and the local community. As a seasoned professional she brings 14+ years of IT administration experience to her role and uses these skills to help educate individuals on safeguarding their businesses and keep them advised on the exciting technological advances that Braver provides, supports, and maintains for its clients. With her experience spanning strategy, marketing, graphic design, business development, event + operations management, along with IT administration, Jenn is a strong influence in the workplace and uses her down-to-earth approach, encouraging attitude, and steady energy to keep Braver moving forward.