| |

Critical Security Vulnerability: log4j – CVE-2021-44228

We have been made aware of a critical vulnerability, CVE-2021-44228, which affects a significant amount of software. After a thorough investigation, we have determined that the vulnerability will not cause an impact on Grand Dial Communications or its users. Most of our services have either already been patched or do not use systems that are…

We have been made aware of a critical vulnerability, CVE-2021-44228, which affects a significant amount of software. After a thorough investigation, we have determined that the vulnerability will not cause an impact on Grand Dial Communications or its users. Most of our services have either already been patched or do not use systems that are affected by the vulnerability.

Our recommended course of action for all partners is to evaluate all Java and Apache software for the vulnerability and to evaluate all servers for installed instances of log4j. If your organization uses the log4j library, you should upgrade to log4j version 2.15 immediately, and make sure that your instance of Java is up-to-date.

Log4Shell is an emerging vulnerability that many organizations are becoming aware of. We will let you know if any of our services are impacted. We will be updating this blog post with the latest information as we get it.

Update #1: For Home Users and Every Day Consumers

If you’re not all that tech savvy, this update is for you. I’ll be working on adding more details tomorrow, but I don’t want to leave you guys with just what I sent out.

This vulnerability affects a lot of different pieces of software, but most home users won’t need to do anything at the moment. Many companies have been putting out statements about the vulnerability and have patched it out already.

If we have any recommendations for you, we will update them here when we know about them.

Some Notable Exceptions:

Update #2 Making Sense of the log4J Vulnerability

We had several questions about the vulnerability after our first alert. Here’s a quick, down-to-earth explanation of what’s going on and what you need to know about. https://www.granddial.com/making-sense-of-the-log4j-vulnerability/

I’m also updating the main article to soften some of the wording of the original article.

Because this is an ongoing investigation, experts are still working on finding the extent of the vulnerability. New information may arise. If this impacts our services or our customers, we will let you know.

If you need help with making sure your system is protected, give us a call. We’ll do what we can to walk you through it.

Additional Reading and Resources

Similar Posts