Log4j Vulnerability – Check Your Systems!
On November 24th, a zero-day vulnerability was disclosed in the popular Log4j java library. The security flaw is classified as critical; it allows an attacker to remotely execute code and thus to break into companies.
Since the Java library Log4j is used by many manufacturers around the world, many products in use are currently affected by this vulnerability. The probability that you are using a product that is vulnerable to this attack is very high.
Cyber criminals are already actively exploiting the vulnerability to infect exposed systems with malware.
The National Cyber Security Center is currently calling on organizations to take all possible measures to prevent further damage (see also: https://www.ncsc.admin.ch/)
If you already know that one of your products uses Log4j, ask the manufacturer whether a patch is already available or what alternative measures you can take to protect yourself. In addition, we urgently recommend that you now perform a Log4j vulnerability scan to quickly identify vulnerable systems that can be reached from the internet.
Asecus is now also offering vulnerability scans as a managed service. The customers receive a weekly report with an overview of the current weaknesses and support in resolving them from our security experts.
Do you need support in carrying out the vulnerability scans or should we perform the entire scan for you?
Get in touch with our security experts, we will be happy to support you: