
You should be looking for signs of Log4Shell because Log4j is incredibly popular

Last week it was discovered that Log4j could be exploited to allow remote code execution on the server doing the logging for an app or program.

The trouble with this exploit is that it was disclosed publicly before it could be addressed and fixed. Given how widespread the use of Log4j is, this presents a massive problem, especially for businesses.

The big problem at the moment is that, because Java isn’t widely used anymore, many system administrators, IT teams and decision makers are likely to assume that they aren’t affected.

As Paul Ducklin, Senior Security Advisor at Sophos, explained in a blog post, with the right know-how (and it’s not complicated either) a cybercriminal could take over a system and worse.

The task ahead for system administrators and IT teams then appears insurmountable, but it doesn’t have to be. We spoke with Ducklin this morning via conference call about how businesses can best approach this mess. The advice centres very much around the idea of “don’t delay, start today”.

While businesses are frantic with worry, ordinary consumers may assume they aren’t affected by this. That could be dangerous if you operate a website or blog which has been affected by the Log4Shell exploit. As such, it’s recommended that customers contact service providers to find out if they are affected by this and what they can do.

Other than that, it’s a case of waiting for fixes to be deployed and companies disclosing what they have done.

The conversation with Ducklin is embedded below and while long, it is loaded with information about how the exploit works, what businesses should do and even how we can avoid something like this in the future.

Oh, and if you’re thinking of helping a business by checking if they are vulnerable to this exploit, don’t do that unless you’re asked.

[Image – CC 0 Pixabay]
