Since last week, word regarding a critical vulnerability that could potentially be massive has hit the ground. The flaw was discovered in Apache Log4j and is called Log4Shell.
Over time, the vulnerability presently has most cyber security companies as well as technology giants scrambling to apply fixes — for its sheer potential to infect.
In a report, published on December 11, 2021, on the Log4j flaw, Microsoft stated that it could be exploited by attackers to steal mass data or credentials — going beyond the initial assessment of crypto jacking. This, though, could only be the tip of the iceberg.
The Apache Log4j is an open source logging library that is deployed across various cloud and enterprise software platforms across the world. In fact, the application of the standard is so ubiquitous that one data estimate suggests that it can potentially affect more than three out of every 10 websites in the world.
Some of the most prominent companies and platforms that use Apache servers include Apple, Amazon, IBM and Twitter.
As for the flaw itself, reports have cited cyber security experts as saying that it could be the biggest vulnerability for attackers to exploit in over a decade.
Hackers can potentially use the Log4j flaw as a remote code execution (RCE) exploit, which in turn would allow them to take over cryptocurrency mining rigs (such attacks are known as crypto jacking), and run further malware to steal data or deploy ransomware.
Reports have stated that the ubiquity of Log4j means that applying the patch, which the Apache Foundation has already released, is a problem as well.
Smaller organisations are being left at the mercy of the larger ones, as they scramble to find potential stop-gap solutions.
At the time of publishing, it could not be ascertained as to how much damage Log4j had caused already.
Earlier today, IBM released a status board updating its clients about patch statuses of Log4j across its products. Going forward, it remains to be seen exactly what toll does the flaw take — which can be pretty severe given the number of websites and services that are within its purview.