Log4Shell – How to deal with vulnerabilities
A new and severe vulnerability has been discovered in a widely used system. It has already been deemed the most critical security breach in modern IT history.
The vulnerability concerns a flaw in software maintained by the open-source foundation Apache. The flaw has been named Log4Shell, and it can threaten both private computers and millions of companies worldwide.
The vulnerability allows hackers to access devices remotely and thus enter IT systems without authentication. It was discovered in late November by Chen Zhaojun, a member of the Alibaba Cloud Security Team, who immediately alerted the Apache Software Foundation.
The flaw is particularly severe because Apache delivers subsystems for almost all international governments and companies. The Java-based logging utility is used in hundreds of millions of devices around the world.
Since the failure was discovered, security specialists all over the world have been struggling to close this gap before it is exploited by hackers.
We asked our company CTO, Bartosz Kupiecki, how to deal with such vulnerabilities:
In order to close the vulnerability, you have to update Log4j to version 2.17 or newer. You can see the release notes from Apache Log4j Security here.
The problem is that the failure is found in a great variety of different systems. Across large and complex IT landscapes it can be very difficult to identify all devices that this vulnerability threatens.
An effective first step is to scan your entire IT environment. From here you can determine where you need to install security patches and close the gaps before hackers take advantage of the failure.
But if you want to protect your IT going forward, it’s not sufficient to create an overview once and for all – you need to continuously keep track.
At BOSCO we have automated the discovery process in our software solution, Stratos-AI. A continuous overview helps you not simply deal with critical vulnerabilities – it helps you stay ahead of them.
If you have any questions concerning risk mitigation, do not hesitate to reach out to us with a comment below, or at firstname.lastname@example.org.
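The scanning step described above, sketched as an added example that is not from the original article and is not BOSCO's product code: it walks a directory tree, finds log4j-core copies (including ones nested inside WAR, EAR or fat-JAR archives) and flags any below the 2.17 threshold given here. The function names and the sample tree are constructed for illustration.

```python
import io, os, re, tempfile, zipfile
from pathlib import Path

FIXED = (2, 17)  # minimum version as stated on this page
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
NAME_RE = re.compile(r"log4j-core-(\d+(?:\.\d+)*)[^/]*\.jar$")
ARCHIVES = (".jar", ".war", ".ear")

def inspect_archive(data, label, findings):
    """Record log4j-core copies in one archive, descending into nested ones."""
    m = NAME_RE.search(label)
    version = m.group(1) if m else None
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            if POM in zf.namelist():  # Maven metadata survives renaming and shading
                props = zf.read(POM).decode("utf-8", "replace")
                pm = re.search(r"^version=(\d+(?:\.\d+)*)", props, re.M)
                version = pm.group(1) if pm else version
            for n in zf.namelist():
                if n.lower().endswith(ARCHIVES):
                    inspect_archive(zf.read(n), f"{label}!/{n}", findings)
    except zipfile.BadZipFile:
        pass  # unreadable archive: keep whatever the file name told us
    if version:
        major_minor = tuple(int(p) for p in version.split("."))[:2]
        findings.append((label, version, major_minor < FIXED))

def scan(root):
    findings = []  # entries are (location, version, needs_update)
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() in ARCHIVES:
            inspect_archive(path.read_bytes(), str(path), findings)
    return sorted(findings)

def make_zip(entries):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

def demo():
    """Constructed sample tree: a patched jar plus an old copy nested in a WAR."""
    war = make_zip({"WEB-INF/lib/log4j-core-2.14.1.jar": make_zip({POM: "version=2.14.1\n"})})
    files = {"app.war": war, "log4j-core-2.17.1.jar": make_zip({"placeholder.txt": ""})}
    with tempfile.TemporaryDirectory() as root:
        for name, data in files.items():
            (Path(root) / name).write_bytes(data)
        return [(os.path.relpath(p, root), v, old) for p, v, old in scan(root)]
```

Run `scan()` on a schedule against application and deployment directories so that newly deployed archives are checked as well, in line with the continuous tracking recommended above.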