‘Extremely bad’ vulnerability found in widely used logging system

A serious new vulnerability has been discovered. The short version is “The Log4Shell exploit gives attackers a simple way to execute code on any vulnerable machine”. The Verge posted about it; here is the first part of the article.

Security teams at companies large and small are scrambling to patch a previously unknown vulnerability called Log4Shell, which has the potential to let hackers compromise millions of devices across the internet.

If exploited, the vulnerability allows remote code execution on vulnerable servers, giving an attacker the ability to import malware that would completely compromise machines.

The vulnerability is found in log4j, an open-source logging library used by apps and services across the internet. Logging is a process where applications keep a running list of activities they have performed which can later be reviewed in case of error. Nearly every network security system runs some kind of logging process, which gives popular libraries like log4j an enormous reach.

Marcus Hutchins, a prominent security researcher best known for halting the global WannaCry malware attack, noted online that millions of applications would be affected. “Millions of applications use Log4j for logging, and all the attacker needs to do is get the app to log a special string,” Hutchins said in a tweet.

The exploit was first seen on sites hosting Minecraft servers, which discovered that attackers could trigger the vulnerability by posting chat messages. A tweet from security analysis company GreyNoise reported that the company has already detected numerous servers searching the internet for machines vulnerable to the exploit.

A blog post from application security company LunaSec claimed that gaming platform Steam and Apple’s iCloud had already been found to be vulnerable. Neither Valve nor Apple immediately responded to a request for comment.

Read the full article at https://www.theverge.com/2021/12/10/22828303/log4j-library-vulnerability-log4shell-zero-day-exploit
