Alexa metrics
Live Chat

Welcome to UKFast, do you have a question? Our hosting experts have the answers.

Chat Now
Sarah UKFast | Account Manager

Log4j vulnerability: What you need to know to stay safe

13 December 2021 by Katie Lander

On Friday, a serious new vulnerability was published affecting Log4j, an open-source logging framework that’s widely used across many Java-based enterprise applications and web apps. If correctly exploited, hackers can use this to gain remote access to a business’ servers or IT systems.

At 10/10 severity Log4j is one of the most serious IT vulnerabilities to have been discovered in recent memory. 

Log4J is often installed on both Linux and Windows systems either directly, or often as a requirement of another package or system.  By default, Log4J is not included on customers’ UKFast servers, but if you are unsure if this has been added afterwards, we’d recommend you urgently check with your development team. It’s vital that customers talk to their developers as soon as possible to assess their vulnerability and install any relevant patches.

Our security operations centre (SOC) has already encountered and defended against several attempted hacking attacks in relation to this vulnerability, and more are expected to follow over the coming days. Here’s what you need to know to stay safe.

How to stay safe from Log4j

If you’re a UKFast Web Application Firewall [WAF] customer then you should automatically be safe, as the firewall blocks any malicious log4j related attacks. It’s still important to install the relevant patches, however.

If you’re a UKFast Threat Vision customer, you should be able to run a threat scan that identifies where in your IT environment the vulnerable Java is being used, so you can identify which patches are needed. Click here

If you’re not a WAF or Threat Vision customer, you can still get in touch and we can try and help. https://bit.ly/3pXmP9w 

You can find all the relevant patches you need to stay safe here. This is a live page that we’re keeping constantly updated as the new patches come in. If you don’t know whether you’re affected and how to fix the issue, this is the best place to go to learn more.

If you’re not a Threat Vision or WAF customer, it’s better at this stage to assume you’re in danger than to assume you’re safe. To do that, you need to first talk with your development or IT team and identify what applications you’re using that might be using Log4j.

Affected software vendors have been working at breakneck speed to release patches, and there’s a good chance that new software updates have become automatically available already. It’s important to update the latest patches as soon as possible.

What is the Log4j vulnerability?

The Log4j is what’s known as a zero-day vulnerability, meaning it was published to the public before the relevant vendors had the chance to detect, fix and patch it. Though this vulnerability has always existed, the fact that it’s now been published creates an immediate security risk to many businesses.

Log4j is used to log information in many Java-based business applications and web apps. There’s a good chance it’s sitting in the background of your IT systems without you knowing or acknowledging it.

Now that hackers know the vulnerability exists and the systems it affects, it’s incredibly easy for them to use it to gain access to unpatched systems. For that reason, it’s crucially important that customers take the steps above to ensure they are protected.