Cynthia Lawton

03.24.2022

A recent survey by Qualys and published in SC Magazine suggests that after over 3 months, roughly 1 in 3 devices and installations that were affected by the Log4j vulnerability are still unpatched. This number amounts to roughly 22 million vulnerable application installations — and it should be noted that these are just the devices that are readily accessible from the Internet.

Log4j reached critical status towards the end of 2021 when it was discovered that a feature its platform could allow an unauthenticated attacker to take complete control over a remote system. The vulnerability was classified in CVE-2021-44228, and has been extensively discussed in cyber security as well as in a published flash with guidance from the government’s cyber security agency, CISA, who published guidance.

 Read the full bulletin

Keep Informed


SHARE

Cynthia Lawton

03.24.2022

Keep Informed