EIT Quick Bit – Log4j and why you should patch NOW
On December 9, 2021, a zero-day vulnerability in Log4j was disclosed, and it has the Internet in an uproar. Log4j was found to execute code submitted to it through a simple web request.
So, what does this mean in layman’s terms?
Quite simply: if you have a server running any software that has Log4j installed with it (and there is a lot of it), then bad guys may be able to hack into your server with very minimal effort. When we say “hack into your server,” these are some of the things that can happen:
- Ransomware can be remotely installed
- Malware can be remotely installed
- The hackers can gain administrative control of the server
- The hackers can gain access within your network
- The hackers can download files from the server
What can you do?
First, patch immediately if possible. Emergency patches have been created and can be found here (https://logging.apache.org/log4j/2.x/security.html). This should be an emergency change request; do not wait for your normal patch cycle!
If you cannot patch now, you can also (and should!) implement additional mitigations, such as preventing the vulnerable machine from having public internet access and/or setting up custom alerting on its logs.
Overall, this is a very critical vulnerability and should be investigated within your network and remediated immediately.
Vulnerability scanners do have methods of scanning for this vulnerability. However, the best method is to have your engineers go in and manually validate that the suspected application is not vulnerable.
As always, contact Emagine IT if you would like us to aid you in securing your network.
About Emagine IT
Emagine IT, Inc. (EIT) is an information technology services and consulting company based in the Washington, DC metropolitan area. EIT provides IT modernization, cybersecurity, and full lifecycle IT services to the public and private sectors. For more information, please visit their website at www.eit2.com.
Sr Manager - Penetration Testing, FedRAMP Team