How to best stay ahead of vulnerabilities such as Log4j

Log4j is code that was created for the Apache Software Foundation and is widely used by commercial software developers to log user activity on computers, ease the login process, and power webcams, car navigation, medical devices, smart electronics and more (meaning it’s still used everywhere). It runs across multiple platforms (i.e. Windows, Linux, macOS). The flaw allows bad actors to seize control and push malicious code to launch malware. Identifying which systems use this code can be a challenge because it is often hidden under layers of other software, such as websites and line-of-business applications, and embedded in some hardware.

One of the best ways to stay ahead of IT issues and vulnerabilities is to install all updates, upgrades, and patches immediately when they become available. These are best practices to avoid IT issues, secure software, and “harden” physical pieces of technology. Updates, upgrades, and patches are created for several reasons: to add features and enhancements, resolve discovered bugs, and (relative to this latest security issue) secure software and operating systems. If they are not being applied, not only are you missing out on the very best the product has to offer, but you are potentially leaving a security “hole” open for would-be hackers to use to enter your systems. Although the likelihood of malware increases the further out of date your software and systems are, “Zero Day” exploits often target current systems, because the bad guys discovered the issue before the creators of those systems did. That makes it even more important to have a process for confirming that every possible update is installed as soon as it can be without impacting the business (in most cases, the night it is released).

Recommended steps for businesses to assess risk potential:

Step 1 – Someone needs to PAY ATTENTION, and watch for potential attack points

Step 2 – Assess potential product vulnerabilities

Step 3 – Immediately apply patches to affected machines (this is independent of an “outbreak,” so normal patching should happen regularly)

Step 4 – Analyze for potential security breaches, i.e., make sure you understand how to CONFIRM that you aren’t affected.

In the case of this latest issue, please follow the advice from Apache by upgrading your Log4j version to 2.15.0 or by implementing one of their mitigations. Reference: Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation | CISA

Cybersecurity Vendors Susceptible to The Log4j Vulnerability (and advice to fix). Vulnerable Log4j code can be found in products from prominent identity vendors like CyberArk, ForgeRock, Okta and Ping Identity, as well as SMB-focused security companies like Fortinet, SonicWall, and Sophos. Reference: 12 Cybersecurity Vendors Susceptible To The Log4j Vulnerability (crn.com)

Unfortunately, not all vulnerabilities make the news like Log4j. This is why it is incredibly important to stay ahead of IT issues, with proactive maintenance, applying all updates, upgrades, and patches to best protect business IT.

Do NOT wait for IT issues; patch and stay ahead of them.

We do not like to create fear and always wish to provide usable IT information and guidance to enable businesses to be informed regarding their technology. This is a serious security risk that may require guidance from professionals if you do not have internally accountable people. 

 

I.T.WORKS! has a proactive approach to delivering managed IT services.  We have self-imposed discipline, process, and standards that we adhere to without fail.  We are “disciplined” in the execution of our everyday work, we follow a consistent “process” for each client and their environment, and “standards” are met and exceeded.  We install all updates, upgrades, and patches immediately when they become available, avoiding issues that could arise and employing best practices against malware.

We do not wait for IT issues to arise; we solve them before they become a problem, with discipline, process, and standards.

Please contact us if you have questions, regardless of whether we work together. We find businesses are able to make better informed decisions after speaking with us.
