Winet not affected by critical Java vulnerability

Since this week circulates a threatening security gap (also called zero-day vulnerability) in the Java software library (log4j), which has since threatened many programs and half the Internet. The National Cyber Security Centre (NZCS) has thereby IT Threat Situation 4 / Red proclaimed: https://www.ncsc.admin.ch/ncsc/de/home/aktuell/im-fokus/log4j.html

All-clear for Winet customers and partners:
✅ Winet's products, services & services are not affected by the circulating Java security vulnerability and can still be used without hesitation

The IT threat makes half the Internet unsafe. A zero-day vulnerability that exploits a flaw in the Java software Log4j leaves numerous servers, programs and apps vulnerable. Cybersecurity experts worldwide warn.

Cause and effect

Many applications and online services written in the Java programming language are not available because of a until recently unknown Java vulnerability vulnerable.

On December 9, IT security experts and various websites drew attention to a zero-day vulnerability in the Java logging library Log4j. The vulnerability, which has since been given the number "CVE-2021-44228", could lead to attackers being able to access affected computers malware execute. This IT threat, known as Remote Code Execution (RCE), is considered one of the most potentially devastating attacks.

According to IT security authorities in various countries, attacks have already taken place. Apparently, information about the vulnerability and an included attack tool (exploit) have been published on the Internet.

Which services are affected

Vulnerability in the Java software Log4j

Several million apps, programs and services from different vendors use log4j for logging. This includes especially the following manufacturers and services:

  • Apple
  • Twitter
  • Steam
  • Tesla
  • Apache applications (Struts, Solr and Druid)
  • Redis
  • ElasticSearch
  • Online games like "Minecraft

What counteracts the threat?

Many server administrators (admins) have been trying to save their software and programs and secure their systems since the security vulnerability appeared. Only recently, the first software updates ("patches") have been made available.

Internet users should be especially careful in the near future and, above all, must count on the providers to install the patch quickly.

Current

Dial phone number
Current

Are you satisfied with your carrier support? Service at the highest level with Winet

In today's digital world, a reliable carrier service provider is essential. Carriers are the backbone of modern communications because they provide...
jamming-microsoft
Current

Microsoft with massive network disruption

Microsoft is currently experiencing a worldwide network disruption that is affecting parts of the software manufacturer's cloud services. As a result, some web services are either...
Current

Crowdstrike paralyzes security-relevant systems for hours.

Where did the disruptions occur? The most conspicuous were the difficulties in air traffic. The airport in Berlin had to be closed at...
Avaya IP Office 11.1.3.0
Current

Patch Avaya IP Office now due to critical security leaks

There are serious security vulnerabilities in Avaya IP Office. Unauthorized persons can exploit these vulnerabilities in the IP telephony software, which are classified as critical, to...
Current

Why it's not worth importing sugar beets.

VoIP telephony from your region: refined and precisely dosed.
Current

Why you shouldn't store your apples in a Seattle store.

VoIP telephony from your region: well stored in the Swiss cloud.