Microsoft Issues Warning - Log4j Is Not Going Anywhere

Log4j is shaping up to be a miniature version of Covid-19 in the digital space - persistent, all-encompassing, and incredibly difficult to get rid of. The flaw that shook the cyber world, disclosed in early December 2021, is not going anywhere, it seems, at least according to digital security experts with Microsoft.

Microsoft has issued multiple patches to various of its software products in an attempt to address the issue as fully as possible on their end, with an update to Windows Defender too, to potentially help spot the issue on time.

Probing for Log4j Ramps Up

The software giant is warning that after the initial outburst of exploits and the numerous mutations of those exploits that sprung up in December, now state-sponsored threat actors, as well as large cybercriminal outfits, are hopping on board, with attempts to infiltrate systems where the exploit is still unpatched ramping up throughout December.

In an early-January update, the Microsoft 365 Defender Threat Intelligence Team warned that attackers are adding ever new exploits that take advantage of the error logging flaw codenamed Log4j and those new exploits are being incorporated in all sorts of attack vectors, ranging from malware toolkits to crypto-miner malware, to even manual attacks executed movie-hacker style, on an actual keyboard.

Ahead of the new year, Microsoft released an all-in-one dashboard for its Microsoft 365 Defender portal, intended to help spot and rectify any remaining Log4j vulnerabilities and loopholes on their networks. A few days earlier, other big security companies also released their own versions of similar tools working as scanners for Log4j weaknesses.

Dizzying Scope

The family of codified Log4j-related vulnerabilities has been expanded with several new members, all of them given unique CVE designations.

The numbers that are often brought up when discussing Log4j are still staggering. The US CISA estimates that "hundreds of millions" of devices are affected by the Log4j flaw, due to the massive prevalence of the underlying platform across all manners of systems.

January 4, 2022

Cyclonis Backup

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.