A recently uncovered software flaw is possibly the most critical vulnerability of the last decade.
Log4Shell grants easy access to internal networks, making them susceptible to data looting, data loss, and malware and ransomware attacks.
A critical vulnerability in a widely used software tool – Apache Log4j – is rapidly emerging as a major threat to organisations around the world. Globally, organisations are rushing to patch this flaw, and many are still wondering how to respond to this vulnerability.
According to the Guardian newspaper (“Recently uncovered software flaw ‘most critical vulnerability of the last decade’”, The Guardian), this bug has already been “fully weaponised”, meaning malefactors had developed and distributed tools to exploit it.
The flaw, dubbed “Log4Shell”, may be the worst computer vulnerability discovered in years. It was uncovered in Apache Log4j, the open-source logging tool that is ubiquitous in cloud servers and enterprise software used across industry and government. Unless it is fixed, it grants cyber criminals easy access to internal networks where they can loot valuable data, plant malware, erase crucial information, hold assets for ransom, and much more. The vulnerability was rated 10 on a scale of one to 10 by the Apache Software Foundation, which oversees development of the software.
If you are on a recent version of the software, the fix is a simple patch plus some configuration. Specifically, Log4j 2.15.0 is secure, 2.10 requires some configuration, and 2.0 more configuration. The real problem is the 1.x versions, and cases where pre-2.15 versions are compiled into a product (please refer to the long list of impacted products referred to in question 3 below).
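An added example, not part of the original advisory: a Python scanner that finds Log4j in a directory tree by reading Maven `pom.properties` metadata, including from JARs bundled inside WAR, EAR or fat-JAR archives, and labels each hit with the version buckets from the paragraph above. Reading "2.10" as 2.10 to 2.14 and "2.0" as 2.0 to 2.9 is an assumption, and copies whose Maven metadata was stripped when they were repackaged are not detected.

```python
import io, re, sys, zipfile
from pathlib import Path

# Maven metadata entries that identify Log4j inside an archive.
POM_PATHS = {
    "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties": "log4j-core",
    "META-INF/maven/log4j/log4j/pom.properties": "log4j 1.x",
}
ARCHIVE_EXT = (".jar", ".war", ".ear")

def classify(version):
    """Map a version string onto the buckets given in the text above."""
    m = re.match(r"(\d+)\.(\d+)", version)
    if not m:
        return "unknown version: inspect manually"
    major, minor = int(m.group(1)), int(m.group(2))
    if major == 1:
        return "1.x: flagged as the real problem in the text above"
    if (major, minor) >= (2, 15):
        return "2.15.0+: listed as secure in the text above"
    if (major, minor) >= (2, 10):
        return "2.10-2.14: patch, or apply some configuration"
    return "2.0-2.9: patch, or apply more configuration"

def scan_archive(data, label):
    """Yield (location, artifact, version, verdict) for data and nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return  # not a readable archive: skip it
    with zf:
        for name in zf.namelist():
            if name in POM_PATHS:
                props = zf.read(name).decode("utf-8", "replace")
                m = re.search(r"^version=(.+)$", props, re.M)
                version = m.group(1).strip() if m else "?"
                yield label, POM_PATHS[name], version, classify(version)
            elif name.lower().endswith(ARCHIVE_EXT):
                # A library compiled into a product: recurse into the bundled archive.
                yield from scan_archive(zf.read(name), f"{label}!/{name}")

def scan_tree(root):
    """Scan every archive under root, including archives bundled inside others."""
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in ARCHIVE_EXT:
            yield from scan_archive(path.read_bytes(), str(path))

if __name__ == "__main__":
    for hit in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(" | ".join(hit))
```

Run it with the application or install directory as the only argument; each output line gives the archive path (with `!/` marking a nested archive), the artifact, the version found and the bucket.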
If any of the below apply to you, please contact us urgently at Adrian@wird.co.za or Scott@wird.co.za or call us at 082 831 9706 or 060 677 2610 to arrange for a rapid risk assessment and resulting rapid response plan.
1. Are you using version (we need to identify the versions of the software that are affected) of Apache Log4j?
2. Is your Apache Log4j software used in bespoke applications?
3. Please refer to the continually updated list of impacted software in the NCSC-NL/log4shell repository on GitHub (log4shell/README.md). If you are using any of the software that is indicated as vulnerable, you and your customers and partners are exposed.
4. If you are unsure and are concerned, please contact us and we can determine if you are at risk.