You may have seen reports of a new zero-day vulnerability affecting multiple different services and applications.
This vulnerability is called Log4j.
What is Log4j?
Log4j is a vulnerability that potentially allows attackers access to run remote code on devices.
What is a Zero-Day Vulnerability?
Zero-day is a term used for a new vulnerability, meaning that there are no existing fixes or mitigations in place by software providers.
However, the majority of service and application vendors have released updates or patches to mitigate the threat or are working hard to get these released as soon as possible.
What do I need to do?
For IT3000 support customers we are actively investigating and mitigating this threat where required. Part of this process is installing updates and patches and these may require device reboots, if you are affected a member of the IT3000 technical team will be in touch.
If you are not a supported contract customer with IT3000 but would like us to run a vulnerability scan to access your network, or if you have any concerns about how Log4j could impact on your business, please call us on 01455 247 830 and a member of the team would be happy to talk this through with you.
If you have any questions or concerns please contact your account manager or get in touch with us on 01455 247 830 or email firstname.lastname@example.org.