Log4j

Log4j Vulnerability Explained

The Log4j vulnerability allows malicious attackers to execute code remotely on any targeted computer. What is Log4j: Log4j an open-source software, a logging library for Java, is widely used by businesses and web portals. Earlier this month, this open-source software was in the news for its vulnerabilities.

Impact

Being used by many businesses and websites around the globe as a Java language, this software is publicly accessible and used to collect and store records of activity on a server. In this case, the vulnerability discovered allows malicious attackers to execute code remotely on any targeted computer. In simple terms, hackers can easily steal data or take control over the system. This vulnerability has the potential to expose organizations to new waves of cybersecurity risks, where the attackers can exploit using Remote Code Execution (RCE). Report reveals that despite efforts by federal and private sector organizations to protect their networks, Log4j has become an “endemic vulnerability”, meaning that unpatched versions of the ubiquitous software library will remain in systems for the next decade, if not longer. 

Solution

Install the latest stable version of the library,