A vulnerability in the Java logging library Apache Log4j recently came to light, and security researchers are warning that cyber attackers are making over a hundred attempts to exploit the vulnerability every minute.
Log4j is used in many forms of enterprise and open-source software, including cloud platforms, web applications and email services, meaning that there's a wide range of software that could be at risk from attempts to exploit the vulnerability. Major services and applications globally are impacted by the vulnerability due to the prevalence of Log4j2s use in many web apps.
We strongly encourage organizations to update any explicit uses of Log4j 2 to version 2.15.0-rc2 or higher, as well as scrutinize other services that may implicitly rely on it. You can review Apache’s guidance for mitigating the vulnerability by clicking here.
You can also contact the security team at LRS IT Solutions for help with this vulnerability.