Log4j Vulnerability Notice

December 15, 2021

Last week, a vulnerability, tracked by CVE-2021-44228, was found in Apache Log4j, a Java-based logging library that is widely used in application development and directly embedded in software applications. If exploited, the vulnerability allows remote code execution against Java applications using Log4j.

While the vulnerability is determined to be severe in nature, a patch for the exploit has been released. We strongly encourage organizations to take the steps necessary to quickly identify, mitigate, and patch affected products and applications using Log4j.

We recommend referring to the guidance outlined by CISA, as well as reviewing the security notices published by Cisco and Microsoft.

As a Gold Cisco Partner, Microsoft Cloud Solution Provider, and Azure Expert MSP, Core BTS remains committed to our client’s business and IT security. Our team is actively mitigating risk for client organizations by doing the following:

  • Working directly with impacted clients to patch custom applications that use Log4j
  • Closely monitoring third party applications and web services on behalf of Managed Services clients
  • Using best practices and tools to manage, monitor, detect, and respond to malicious activity
  • Verifying compliance with Cisco and Microsoft security requirements

We strongly encourage all organizations to quickly identify, mitigate, and patch affected products and applications using Log4j.

If you need help implementing risk mitigations, hardening your environment, or investigating suspicious behavior, our team is standing by to help.

Subscribe to our Newsletter

Stay informed on the latest technology news and trends

Relevant Insights

7 Key Guidelines to Accelerate Your Zero Trust Journey

[The following is an excerpt from a 57-minute long webinar on Zero Trust you can watch on-demand here.] Zero Trust...

5 New Updates to Microsoft Teams | May 2022

This month we noticed several new Microsoft Teams enhancements designed to ensure a better user experience. In this update, we...

Prepare Your Company for the Future with Network Automation

Throughout my many years working in the IT space, I have planned and executed more network installations and upgrades than...