The Log4j vulnerability was first reported on Friday. It is turning out to be a nightmare for cyber security. Apart from Apple iCloud, it also affects a range of other enterprise products, including Twitter and Amazon. The US government’s cyber security agency has also issued a warning regarding this.
Log4j vulnerability discovered in Minecraft app
This vulnerability has also been recognized as Log4Shell. It was first highlighted by LunaSec researchers. It was first discovered in the Minecraft Minecraft app owned by Microsoft. LunaSec warns that “many services” are vulnerable because of the “everywhere” presence of Log4j. This is because this open-source Java library is used in almost all major Java-based enterprise apps and servers.
Hackers can hack the whole server
This vulnerability could allow an attacker to gain access to a computer system. If a hacker uses it properly, then he can control the entire server. The Log4j library in Java is used to keep a record of all the activities of an app. It is commonly used by software developers around the world. As per reports, it seems that this issue has been patched for everyone on Log4j 2.15.0 and above.
who has been affected
According to cyber security firm LunaSec, several services are vulnerable to the exploit of Log4Shell. These include gaming service- Steam, Apple’s iCloud etc. Microsoft’s Minecraft has issued a statement on how users can update the game to avoid this problem.
Many more companies – Apple, Tencent, Steam, Twitter, Baidu, DIDI, JD, NetEase, CloudFlare, Amazon, Tesla, Google, Webex, LinkedIn etc. are also being affected by this.
NetApp, which provides data management solutions for the cloud, has also made a statement. Said that their products are unsafe, as they widely adopt Log4j. It is believed that many mainstream services will be affected due to this.
<!–
–>
.