How Log4j 2 vulnerability will be affecting the internet by GHM IT guru Michael Biddle

Log4j is a logging library made by the Apache Software Foundation and is used extensively in services. A security risk found with Log4j allows hackers to execute remote commands on a target system. The vulnerability puts countless services at risk of an attack by hackers. Since many services like Apple iCloud, popular gaming service Steam and online game Minecraft use Log4j, the vulnerability is being considered as one of the most dangerous ones found in recent years.

This new vulnerability Log4j 2 (Log4Shell), was recently discovered on 9th December. The problem with this is Apache web server is hugely popular, and the Log4j 2 logging library is very popular for developers. The vulnerability itself, if logging is left on when an application is compiled/built, allows an exploit that can output logged information. Meaning they can find out information like usernames, access tokens, ports being listened to, and so on.

So far, this has been confirmed and patched, or a patch is coming soon on several cloud services, including but not limited to Sophos, Watchguard, Cisco, Stream Gaming Services, iCloud and Microsoft.

Unfortunately, servers and devices on-premises don’t tend to be kept up to date. So, they can go years without being patched correctly. Most Microsoft servers and devices get the Windows patches, fixing some vulnerabilities. However, iDRAC and iLO are two areas that can be overlooked, because they can require server reboots (Downtime).

The outcome, like all vulnerabilities is to keep systems and applications up to date! To manage the update expectations of your business, you should schedule downtime biannually to update the firmware and virtual environments such as VMWare/Hyper-V and so on.