This statement is in response to Log4Shell, the new vulnerability published by the ‘Apache Software Foundation’, which affects the Log4j utility. Log4j is a Java-based logging utility commonly used in Apache cloud servers.

New vulnerabilities are uncovered every day; however, this one is significant because ‘Log4j’ is used abundantly in cloud servers/services and enterprise software across the cloud industry and in government systems. The vulnerability could expose organisations to data breaches and attacks.

The vulnerability, Log4Shell (CVE-2021-44228), was uncovered by the Alibaba cloud security team and reported to the ‘Apache Software Foundation’ in November 2021. It was officially published on the 9th of Dec 2021.

Symec has actively investigated the vulnerability, obtained professional advice from our service providers and taken the recommended actions to mitigate the risks.

Symec Suite of Applications (Symec Hub, Optimise, Device Angel and Shareable)

Investigations by Symec’s service providers and developers have found that the affected Log4j utility is not used by our in-house developed applications. However, the applications are hosted with well-established enterprise 3rd party Cloud providers, which could be using this utility. Our support teams have applied the recommended security patch levels to servers, and searches are being carried out to mitigate any exploitable paths to the Log4Shell vulnerability.

See below our providers’ useful links and statements regarding the Log4Shell vulnerability; these links state the proactive actions being taken by them.

AWS

https://aws.amazon.com/security/security-bulletins/AWS-2021-006/

Google Cloud

https://cloud.google.com/log4j2-security-advisory

Symec Systems

The recommended security patch levels have been applied to servers and vulnerability searches are being carried out. See below statements from some of our service providers.

Microsoft

https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/

Salesforce

https://help.salesforce.com/s/articleView?id=000363736&type=1

Sage

https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178799/advisory-apache-log4j-vulnerability-cve-2021-45046

Symec’s Partner responses

Zebra

SOTI

https://docs.soti.net/notifications/security-notifications/

https://discussions.soti.net/articles/log4j-vulnerability-log4shell-important-information-you-should-know

42 Gears Statement

https://community.42gears.com/t/update-for-apache-log4j-vulnerability-cve-2021-44228/2030

WIZYEMM 

“Dear WizyEMM customers and partners,
After careful investigation of the issue, we have determined that the WizyEMM product is not impacted by the recent log4j vulnerability.
All versions of WizyEMM currently running on production environments are using a version of log4j that is not vulnerable to the CVE-2021-44228 exploit.”

Contact us today to discuss the importance of mobile device security

This vulnerability is a good reminder of the importance of keeping ‘Cloud services’, ‘Networks & Server hardware’, ‘applications’ and especially ‘Mobile devices’ regularly updated, to protect against vulnerabilities and instabilities.

End-of-service-life devices, including unpatched ‘Mobile Devices’, can be the weak link in the chain and could provide a loophole into an otherwise secure solution.

  • Without security release updates, these are some of the types of attacks devices will not be protected against:
    • Rooting, Backdoor, Denial of service, Trojan and Uncommon & Mobile Unwanted Software (MUwS), Hostile downloaders
    • The following attacks, although more uncommon, are possible on a closed network: Commercial spyware, Phishing, Elevated privilege abuse, Ransomware, Spam, Billing fraud.

Some mobile operating systems still in use in organisations today, for example Windows Mobile, CE and older Android versions, have not received security patches for several years. This could lead to your devices being:

  • Unprotected against new methods of malicious attacks
  • Exposed to potential data leaks
  • Vulnerable to security risks over the network
  • Vulnerable to unplanned firmware stability issues
  • More likely to fail and increase support and development costs

If organisations are handling 3rd party clients’/customers’ information, the risks and penalties are far greater. Should these mobile devices display valuable, sensitive information, these new threats can not only cause harm, but also expose your clients’ information and negatively impact them.

In addition to the data risks, downtime and support costs can quickly escalate. For example, a wireless infrastructure security update is required and, after the Wi-Fi firmware update is deployed, devices are no longer compatible or device connectivity is lost. In this instance a rollback would be possible… However, not only is the wireless infrastructure then no longer secure, but productivity is reduced, calls to the helpdesk increase, and tech support is required; this support is often from 3rd party service providers.

Also – talk to our Android Enterprise Experts and see an interesting link on mandating security standards with Android