
Apache Log4j 2 Vulnerability
Security Information Page


What is the Log4j Vulnerability?

Log4j is a logging tool used in many products and services across many technologies. The vulnerability in the Log4j library can allow an attacker to remotely execute arbitrary code on any system that uses Log4j to write logs. This logging utility is built into many applications and services.


Any device or service that is exposed to the internet is at high risk if it is running Apache Log4j versions 2.0 to 2.14.1. NCSC notes that Log4j version 2 (Log4j2), the affected version, is included in the Apache Struts2, Solr, Druid, Flink, and Swift frameworks.

Any services that are not exposed to a public network are also considered at risk and should be updated as soon as possible.

What can customers do about it?
The most important fix available for this vulnerability is to update to version 2.15.0 or later. However, in most cases this will be done through a third-party vendor application or firmware update.
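
To see which applications on a host bundle a Log4j version in the range given above, the Maven metadata inside each archive can be checked. The following Python script is an added example, not hybrIT's or Apache's own tooling; it assumes log4j-core copies carry their standard pom.properties file and treats a pre-release such as 2.0-beta9 as its base release.

```python
import io, os, re, sys, zipfile

# Range as stated on this page: 2.0 to 2.14.1 affected, 2.15.0 or later fixed.
FIRST_AFFECTED, FIXED = (2, 0, 0), (2, 15, 0)
# Maven metadata that log4j-core jars carry (usually kept by shaded/fat jars too).
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVES = (".jar", ".war", ".ear")

def is_affected(text):
    """Assumption: a pre-release such as '2.0-beta9' counts as its base release."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        return False
    parts = [int(p) for p in m.group(0).split(".")][:3]
    return FIRST_AFFECTED <= tuple(parts + [0] * (3 - len(parts))) < FIXED

def scan_archive(data, label, depth=0, max_depth=3):
    """Return (location, version, affected) for each log4j-core copy found,
    descending into nested archives (e.g. WEB-INF/lib, BOOT-INF/lib)."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # not a readable archive: nothing to report
    with zf:
        for name in zf.namelist():
            if name == POM:
                props = zf.read(name).decode("utf-8", "replace")
                m = re.search(r"^version=(\S+)", props, re.M)
                if m:
                    findings.append((label, m.group(1), is_affected(m.group(1))))
            elif name.lower().endswith(ARCHIVES) and depth < max_depth:
                findings += scan_archive(zf.read(name), f"{label}!/{name}",
                                         depth + 1, max_depth)
    return findings

def scan_tree(root):
    """Walk a directory and scan every jar/war/ear under it."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for f in files:
            if f.lower().endswith(ARCHIVES):
                path = os.path.join(dirpath, f)
                with open(path, "rb") as fh:
                    findings += scan_archive(fh.read(), path)
    return findings

if __name__ == "__main__":
    for loc, ver, bad in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{'AFFECTED' if bad else 'ok':8} {ver:12} {loc}")
```

Archives that have been repackaged without the Maven metadata will not be reported, so an empty result does not replace the vendor's own statement about a product.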

Statement from hybrIT

HybrIT’s Information Security team has been responding to the Log4j vulnerability since we became aware of the issue. We are working with our suppliers to ensure we remain resilient against this new vulnerability.

We are working through a process of validating the response of all software suppliers in use and other relevant third-party suppliers to identify whether remedial action is needed. We are aware of a number of applications in our estate that will require remedial action, which is being undertaken as a priority. We are not aware of any compromise that places HybrIT or customers of our own service offerings at risk.

In addition to working to identify and remediate vulnerable applications, we continue to monitor for evidence of compromise. We have confirmed that many endpoint agents (e.g. Microsoft 365 Defender) are able to detect and protect against exploitation.

Our advice to customers is to make sure your endpoint security applications, servers, desktops and applications are up to date.