What you need to know about Log4j vulnerability.
What is Log4j?
Software developers use the Log4j framework to record user activity and the behavior of applications for subsequent review. Distributed free by the nonprofit Apache Software Foundation, Log4j has been downloaded millions of times and is among the most widely used tools to collect information across corporate computer networks, websites and applications.
How can hackers take advantage of Log4j’s vulnerability?
The Log4j flaw allows attackers to execute code remotely on a target computer, meaning that they can steal data, install malware or take control. Some cybercriminals have installed software that uses a hacked system to mine cryptocurrency, while others have developed malware that allows attackers to hijack computers.
How to protect your systems?
It is important that your computer systems and infrastructure remain up to date and patched. Additionally, having and using next generation firewall with features such as IPS/IDS active will help block exploit attempts at the company perimeter. Of course since this is a zero day threat many vendors are still investigating the risk and releasing patches or mitigation steps.
Questions & Concerns?
If you have any specific questions or concerns please reach out to your customer representative or your support team.
Below is a list of common M&E product status:
JetStream (not impacted)