What is Log4j?

Log4j is one of the most popular logging libraries used online and provides software developers with a method to track activity for various reasons, including troubleshooting, auditing, and data tracking. Being an open-source and free library, it is integrated into many existing Java applications.

Why is the vulnerability dangerous?

Log4Shell is the vulnerability discovered last week, which allows an attacker, if exploited, to execute code on the affected servers, for example, importing malware that could compromise the application entirely or extract data. The vulnerability is exposed when the application saves a set of characters in the log, making it easy to trigger and exploit.

Cloud services, network management platforms, video games are just a few examples of applications and services that use the Log4j library. Apache Software Foundation, the organization that developed Log4j, has released the security patch, but the process of updating all applications will take time, during which attackers are still scanning the internet for applications without the patch applied.

How do we detect if we have affected applications and how can we protect our applications?
 

There are already developed open-source applications that can scan potentially vulnerable applications and detect the use of the affected version of the Log4j library. Additionally, most firewall vendors have published IPS signatures to detect known malicious behavior.

For more information, we recommend the following articles:
 [https://www.linkedin.com/pulse/why-log4j-exploit-so-serious-vinny-parla/ ](https://www.linkedin.com/pulse/why-log4j-exploit-so-serious-vinny-parla/ ) si [https://blog.talosintelligence.com/2021/12/apache-log4j-rce-vulnerability.html](https://blog.talosintelligence.com/2021/12/apache-log4j-rce-vulnerability.html)