Front Page: NCSC-FI
Front Page: NCSC-FI
Go to Search

Log4j alert changed to red – one of the most significant vulnerabilities in history

Information security now!

The yellow alert issued on 10 December 2021 was changed to red as the severity of the vulnerability became better known. The vulnerable Log4j component is widely used in online services, and new exploits are constantly discovered. Administrators must take immediate action to respond to the issue. This article gives answers to frequently asked questions.

Over the weekend, more information has become available on the extent of the vulnerability. Attempts to exploit the vulnerability have soared, and new vulnerable services are constantly discovered.

Administrators must take immediate action and updates must be installed urgently. If updates cannot be installed right now, our vulnerability report includes instructions on how to mitigate the vulnerability. Please note that the measures may prevent the proper functioning of some of the features in applications.

The vulnerability is very severe, because it is practically a ‘master key’ to a vulnerable service. It allows attackers to take control of a vulnerable service and use it as they wish.

The vulnerability has been exploited to deploy cryptocurrency miners on the servers targeted but due to the nature of the vulnerability, the attack potential is much higher. The true consequences of the vulnerability will become clear in the coming weeks.

The vulnerable component is used in different types of services. The vulnerability has been assessed as critical as the 2017 Wannacry attack and the related vulnerabilities.

Updates take time. Application developers are releasing updates to their products. It may be challenging to locate the vulnerable component. Updates must also be tested before deployment, and all this takes time.

We will update our vulnerability report as new information about vulnerable applications becomes available. We have also added to the report instructions on how to detect and test the vulnerability and mitigate its impact.

.

Frequently asked questions