Daily Archives: December 11, 2021

  • Critical vulnerability in something?

    For home users, this is one of those vulnerabilities you might read about in our CodeRed forum and in the news in the coming days. It may impact services you use, and especially if you are a gamer you may have seen some notifications, but there’s not much you can do personally. Your vendors have to patch for this. This is not native to the Windows platform or the Apple computer you personally use.

    So why do I bring it up? Because your vendors may be scrambling to patch for this over the weekend. The Log4j vulnerability is rated as a 10. There is no higher threat than this: “A remote code execution zero-day vulnerability in Log4j 2, called Log4Shell (CVE-2021-44228), surfaced on December 9, 2021. Affected services include Cloudflare, iCloud, Minecraft: Java Edition, Steam, Tencent QQ, and Twitter. The feature causing this vulnerability can be disabled with a configuration setting, which has been disabled by default in version 2.15.0, officially released a few days prior. The Apache Software Foundation has assigned the maximum CVSS severity rating of 10 to Log4Shell.”

    What is it? A vulnerability in a Java-based logging package that’s used in a LOT of vendor applications. This is especially concerning around the holiday season, when security teams start taking vacation time.

    Who’s Impacted? (info courtesy of the Huntress folks)
    • Millions of applications and manufacturers use log4j for logging. This includes…

    • Apple

    • Twitter

    • Steam

    • Tesla

    • Apache applications (e.g. Apache Struts, Solr and Druid)

    • Redis

    • ElasticSearch

    • Video games (e.g. Minecraft)

    For those of you who are consultants and use tools to monitor computers, this may be in some of your tools.

    I would keep an eye on the Huntress blog for more information.

    Critical RCE Vulnerability: log4j – CVE-2021-44228 (huntress.com)

    Critical RCE Vulnerability Is Affecting Java : sysadmin (reddit.com)

    Bottom line: we home users aren’t impacted, but some of our application vendors may be pulling an all-night patching session.

    Edit 12/11/2021 – Microsoft has released a blog post showcasing the actions they are taking.