Log4j flaw: Will it impact my Greycon system?

If you are reading this article, you will most likely be aware that a vulnerability, known as the Log4j flaw, has been identified by many cybersecurity researchers where attackers are making thousands of attempts to exploit specific vulnerable systems.

Is my Greycon system vulnerable to these attacks?

The quick answer: No.

The Apache Log4j vulnerability affects applications written in the Java programming language. Our software has been written in Microsoft .Net and uses the .Net runtime engine. You can be assured that this is a completely different computer code, and as such, is not affected by this reported vulnerability.

What is the Log4j flaw?

The Log4j flaw (also now known as “Log4Shell”) is a zero-day vulnerability (CVE-2021-44228) that was identified on December 9, with warnings that it can allow unauthenticated remote code execution and access to servers.

Log4j is used in many forms of enterprise and open-source software, including cloud platforms, web applications and email services, meaning that there’s a wide range of software that could be at risk from attempts to exploit the vulnerability.

Do you need to contact Greycon about any Log4j vulnerability issues?

Rest assured that the solutions provided by Greycon are in no way impacted by the Log4j flaw. If you believe that another software package in your IT solution might be affected by this, then we recommend you contact the publisher of that software package.