The registry library for millions of applications has a serious vulnerability

A vulnerability called Log4Shell exists in the open source registry library Log4j that leaves millions of devices vulnerable to attacks. as the edge Notes, apps, and services keep a log of all the events that happen while they’re running, giving them a way to analyze how their program is performing and see what went wrong if errors occur. Log4j happens to be a popular and widely used logging library, even popular cloud services like Steam and iCloud, as well as apps like Amazon, Twitter, Maine Craft It is said to be vulnerable to attacks that exploit Log4Shell.

according to Ars TechnicaAfter that, he appeared for the first time Maine Craft Websites have started reporting a vulnerability that allows hackers to execute malicious code in the game. Soon it turned out that the problem does not affect Maine Craft Just. Security researcher Marcus Hutchins, who helped stop the spread of the WannaCry malware, Call The vulnerability is “too bad” because millions of apps use Log4j to log.

Bad actors can use it to remotely execute codes on servers, instructing them to download and run malware that will put corporate and people’s data at risk. What’s worse is that it is very easy to exploit and can be triggered simply by posting messages. Hutchins said so just in case Maine Craft, the attackers were able to remotely execute the code by posting a message on the chat box. In a blog post, app security company LunaSec said that unlocking the vulnerability in Apple’s servers is as easy as changing the name of an iPhone.

Log4j has already released a fix for the vulnerability and affected services such as Maine Craft And Cloudflare has already rolled out patches to protect users. Those who manage their own networks using Log4j may also want to patch their systems as soon as possible if they can.

All products recommended by Engadget are handpicked by our editorial team, independently of the parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Source link

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button