All you need to know about the latest critical vulnerability Log4shell in the widely used logging tool Log4j, who it might affect, and what to do to reduce your risk.
Log4shell is a critical vulnerability in the widely-used logging tool Log4j. This logging tool is used by millions of computers across the globe running online services. Organisations, governments and individuals are all at risk and, whilst fixes have been issued, they still need to be implemented.
What is Log4j?
Log4j is an open-source logging library that’s used widely by software applications and online services across the internet.
Because today’s software is so complex, it tends to be created by multiple developers who work using a ‘building blocks’ approach. This is so that certain blocks can be used for different applications, rather than all individual software being written from scratch.
Log4j is one of the many building blocks that are used in software creation. Known as a ‘software library’, it is used by developers to keep track of what happens in their software applications or online services. In essence, it’s a vast journal of the activity of a system or application. This activity is known as ‘logging’ and developers use it to help them spot potential problems users may encounter.
What is Log4shell?
Early in December, the National Cyber Security Centre (NCSC) reported a vulnerability known as Log4shell as having been found in Log4j.
If it is left unfixed, Log4shell will allow attackers to hack systems, steal passwords and logins, extract data, and infect networks with malicious software. The major problem with Log4shell is that it takes very little expertise to exploit, which makes it potentially one of the most threatening computer vulnerabilities for some time.
Who will be affected by Log4shell?
Pretty much all software has some form of logging ability, whether it’s for security, operational or development purposes. Log4J is a common element used for logging. The majority of devices and services we use online as individuals every day will use Log4j.
It is vital therefore that everyone ensures their devices and apps are as up to date as possible, and that they continue to update them on a regular basis, especially over the next few weeks.
If you run a business, it may not be instantly obvious whether your web applications and servers, network devices and software use Log4j, which makes it vital that you follow the advice issued by the National Cyber Security Centre, as well as the advice issued by your software providers.
If you are using Log4j in applications that you’ve developed in-house, then be sure to update to the latest version.
If you are using third party applications that incorporate Log4j, again make sure they are updated to the latest version. Keep up to date with newly issued security patches over the next few weeks and be sure to set your updates to automatically install.
Where you are not sure whether any applications in use in your organisation uses Log4j, make enquiries of your in-house or third party developers or IT consultants. Developers have been asked by the NCSC to act promptly when enquiries are made of them.
The NCSC official vulnerability alert provides more in-depth technical detail on the steps to take to protect yourself and your organisation from Log4shell.
If you are a UK organisation which has already been compromised by this vulnerability, you are advised to report it to the NCSC via its website.
Reduce your risk of a cyber-attack with help from PC Docs
Increasingly, cyber criminals are finding more and more ways to take advantage of vulnerabilities like Log4shell. It is therefore crucial that you take steps to protect your business, not just against this latest threat, but against all cyber threats.
Here at PC Docs, we offer a comprehensive package of cyber security solutions, all of which can be tailored to suit your individual business needs and cyber risk assessment.
From anti-malware and adware systems, to firewall and antivirus setup and management, internet and spam filters and email scanning software, we’ve got everything covered.
To learn how we can help keep your organisation safeguarded against all the latest cyber threats, including Log4shell, please get in touch.