Log4j (Log4Shell) vulnerability

This is a serious exposed vulnerability of many web server logging servers allowing a miscreant potential control of the webserver. Ref: https://www.ncsc.gov.uk/news/apache-log4j-vulnerability.

We have scanned all our servers and can confirm that we do not use this application and no copies of it exist. Hence client websites are not exposed to this issue.

We would draw attention to users who have members of their household using the java addition of Minecraft. This did contain the vulnerability and is a risk in multi-player mode. Please consult: https://help.minecraft.net/hc/en-us/articles/4416199399693-Security-Vulnerability-in-Minecraft-Java-Edition

Comments are closed.