Breaking News & Headlines

Microsoft: Log4j Remains A Major Security Risk

0 34,287

Microsoft warns Windows and Azure customers to continue to watch out for misuse of Log4j, the open source component that is incorporated in many applications. The company sees hackers of all calibres working with the vulnerability.


Apache Log4j is a Java-based tool that is incorporated into many applications. On December 9, it was announced that the then version contains a vulnerability with which hackers can strike. Quick patching was the message.

This has happened in many places, but because it is often incorporated into other applications, it is not immediately clear where Log4j is located because it is a piece of code. As a result, Microsoft now warns again to be very careful and calls on you to check whether your infrastructure uses it with scripts and scan tools.

Specifically, the Microsoft Threat Intelligence Center says it sees advanced state hackers as well as “regular” cybercriminals actively scanning for the vulnerability or incorporating its abuse into their existing malware kits. As a result, the company fears it could take years before the risk is mitigated everywhere.

Shortly after the announcement of Log4Shell, the name given to the specific vulnerability in Log4j, it became clear that hackers had been exploiting the problem since December 1. Later in the month, the Ministry of Defense in Belgium was the victim of a cyber attack as a result of the incident.

Leave A Reply