Haven’t heard of Log4j before right now? If not, you’re certainly not alone but unfortunately it’s something you’re likely to hear more about in the weeks ahead. It may wind up being the cause of a few headaches for you.
“Log4j” is a Java library. Its function is to log error messages in applications. Consider it akin to an overworked clerk in the back office somewhere.
As is often the case with overworked clerks in back offices, it turns out that they’re important. If one of them starts having issues it can have gigantic ripple effects. That’s basically what’s happening here. This library is open source and is one of the bedrock components of the Java-logging framework.
Recently researchers found a remote code execution flaw in Log4j that is already being exploited in the wild.
The issue is being tracked as CVE-2021-44228 and has a severity score of 10/10 so this issue is as serious as they get. In fact, it’s such a major problem that the UK’s National Cyber Security Centre has already issued a bulletin about it.
This is a pervasive issue that impacts pretty much every device that’s exposed to or connected to the internet and that’s running Apache Log4j versions 2.0 to 2.141. Even worse is that there’s at least one group of hackers already abusing the flaw. The Mirai botnet targets mostly IoT devices and has been modified with a module that specifically exploits this flaw.
Fortunately, both Cisco and VMware have released patches that address the issue for their products that were affected by the issue. As a whole the industry is moving very slowly when it comes to responding to this threat.
That’s dangerous because the global economy absolutely depends on the internet these days. Anything that has a large-scale impact on the web will have enormous ripple effects that will be felt for months if not years.