What you need to know about the new “Log4j” exploit

NOTE: Not everyone is affected, but for those who are we are already in the process of patching individual servers manually and will likely reach out to schedule a reboot of your server if necessary.

If you haven’t been following tech industry news lately then allow us to inform you about this pressing matter affecting millions of servers worldwide. Log4j is a very commonly used logging library in the Java programming language. Programmers use this to help indicate the state of various parts of their program.

Generally speaking, when processing inputs from the user, you always want to treat the input as just normal text, and not code that the program should execute. You do this due to the fact that if an attacker can inject their own code into a program, then the possibilities are endless for hacks/breaches. Now unfortunately if you construct a specific string of text, and are able to get the log4j library to log that string (which is pretty trivial because most programs will log user inputs), you are able to get the log4j library to reach out to other servers and execute any code that is returned.

This allows the attacker to execute code that they wrote on a remote server. This kind of breach is called remote code execution, and can lead to all kinds of issues.

Now that you understand what is at play here please let us know if you have any questions that this hasn’t already answered and be aware that a fix is either already implemented on those machines who are affected, or will be very shortly.

Further information: https://time.com/6128795/log4j-security-flaw/

Your DCI support team