The most pressing and worrying bit of news to have made waves in recent days and weeks is Log4j2. We’re talking about a zero-day vulnerability in one of the most popular and well-used libraries for the widely adopted Java Virtual Machine. It’s no surprise, then, that a gaping security hole in such a widely used JVM library has thrown the web community into a bit of a panic. So far, thousands of sites have been affected.
Thankfully, your favourite text editor, ConTEXT, hasn’t been impacted by this Log4j2 vulnerability, nor is it susceptible to malware leeching into our systems through it. Alas, that hasn’t spared many platforms and services from undergoing intense security check-ups to patch up these leaks. So, what is going on, then? For starters, this vulnerability affecting Log4j2 is better known as CVE-2021-44228.
An Extremely Worrying Set Of Circumstances
What it is, in essence, is a remote code execution bug. Once someone’s broken through it, they could control the entire contents of a particular log message. This, consequently, allows them to execute any piece of code of their choosing to infect your systems. At first, the concerns were brushed aside, as most users don’t have access to these log messages anyway.
Unfortunately, it can nonetheless lead to a dangerous attack vector that can infect application logs, for example. Even a simple username could open up an attack vector within Log4j2-based code to exploit that command execution. In other words, any connection you might have with Log4j2 has either already been compromised or is vulnerable to compromise. That doesn’t only include your own software.
It can also impact programmes that you use day-to-day, such as those built by a software-as-a-service provider. That’s not to mention malware carried unwillingly by anyone who’s had access to your systems. On the bright side, security upgrades are underway to stamp out these vulnerabilities within Log4j2. The downside is that these patches can only fix certain security issues, but not others.
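Because a value as ordinary as a username can end up in a log message, one defensive check is to scan user-supplied log fields for Log4j2's `${...}` lookup syntax, which is how CVE-2021-44228 is triggered. The following is an added example, not code from ConTEXT or Log4j2; the `key="value"` log layout, the field names and the sample lines are constructed assumptions, and the samples use harmless lookups only.

```python
import re
from urllib.parse import unquote

# A Log4j2 lookup expression starts with "${"; a username or User-Agent never needs one.
LOOKUP_START = re.compile(r"\$\{")
# Assumed log layout: space-separated key="value" pairs.
FIELD = re.compile(r'(\w+)="([^"]*)"')

# Constructed sample lines (not real traffic).
SAMPLE_LOG = [
    'ts="2021-12-10T09:14:02Z" user="alice" agent="Mozilla/5.0"',
    'ts="2021-12-10T09:14:07Z" user="${java:version}" agent="curl/7.79"',
    'ts="2021-12-10T09:15:31Z" user="bob" agent="%24%7Benv:USER%7D"',
    'ts="2021-12-10T09:16:44Z" user="carol" agent="price is $5 {approx}"',
]

def normalise(value, max_rounds=3):
    """Undo up to max_rounds layers of percent-encoding so encoded markers show up."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_fields(line):
    """Return the names of fields in one log line whose value contains a lookup start."""
    hits = []
    for name, raw in FIELD.findall(line):
        if LOOKUP_START.search(normalise(raw)):
            hits.append(name)
    return hits

def scan(lines):
    """Return (line_number, field_names) for every line with at least one hit."""
    report = []
    for number, line in enumerate(lines, start=1):
        hits = suspicious_fields(line)
        if hits:
            report.append((number, hits))
    return report

if __name__ == "__main__":
    for number, fields in scan(SAMPLE_LOG):
        print(f"line {number}: lookup syntax in {', '.join(fields)}")
```

A hit means the field should be investigated, not that code was executed; whether the string was ever evaluated depends on the Log4j2 version that handled it.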