Critical Vulnerability in a Popular Software Sets Internet on Fire

Log4Shell is located in open-source Apache software and is possibly the worst computer vulnerability in the last decade.

Vulnerability Turned Into a Weapon

The flaw was already exploited in Minecraft and is rapidly becoming a major threat to organizations globally. It was found in a utility that’s present in cloud servers and enterprise software used worldwide. 

According to Adam Meyers, senior vice president of intelligence at the cybersecurity firm Crowdstrike, people have already managed to weaponise Log4Shell.

“The internet’s on fire right now,” said Meyers. “People are scrambling to patch and all kinds of people scrambling to exploit it.”

The vulnerability was found in the open-source Apache software, which millions use to run web services and sites. It allows attackers to access web servers, without even needing a password. Professional hackers and novices alike can use Log4Shell to install malware, steal data, erase information, etc. from internal networks.

The Apache Software Foundation rated the flaw 10 on a scale of one to 10, making it possibly the worst issue in the last decade.

Dealing with Log4Shell, however, is a problem on its own. Some businesses and cloud providers – for example, Amazon – might be able to update their servers without much hassle. But owners of third-party programs will surely encounter difficulties. 

Affected Parties

The first ones to exploit the flaw were users of Minecraft servers. They were using it to execute programs on the computers of other players by sending a short message in a chatbox. 

Microsoft, however, acted fast and issued a software update. The fix will protect all who apply it.

In addition to Minecraft, Log4Shell can harm servers of different companies, including:

Cloudflare didn’t find an issue with its servers. The rest of the listed companies are yet to comment.

Sources

ABOUT AUTHOR

Devoted my whole life to words - reading, writing and trying to be original on social media. Got certified in digital marketing - still not cool enough to be an influencer. Finished a master’s degree focused in Literature, Publishing, Mass Media. Hobbies include traveling, reading and hoping that yoga will be the thing to finally teach me some patience. Would like to take over the world at some point, but that’s an optional dream. Maybe modern tech can help me do that?

Latest from Teodora

What Is SEO Writing Employee Theft Statistics That You Don’t Want to Miss in 2021 15 Disturbing Workplace Violence Statistics for 2021 White-Collar Crime Statistics That You May Not Know About in 2021

Leave a Reply

Your email address will not be published. Required fields are marked *