SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
What is Log4j and how does it affect you?
Fri, 24th Dec 2021

Norton Labs answers some common questions about the widespread software bug in Log4j.

The new software vulnerability exists on many platforms and services and has recently gotten a lot of media attention, and for good reason: it potentially exists in everything from Android phones to the Minecraft gaming platform.

"The question on the minds of many consumers is what should I do?" says Norton Labs technical director, Snorre Fagerland.

"Our best advice is to update your systems and applications. Make sure you're running the latest versions. That way, you can ensure programs have the latest patches that fix software bugs. There's a lot more to it, but most of that's in the hands of security teams worldwide."

Here's what you need to know about the software vulnerability and how it could affect you:

What is Log4j?
The new software vulnerability has received the nickname Log4Shell. Apache Log4j is an open-source software library used by many Java programs to process and log events, such as errors.

Most people have probably heard of Java; the cross-platform software runs in numerous applications used by ordinary people and companies alike. According to Oracle, more than 13 billion devices run Java.

What products are vulnerable?   
The vulnerable versions of Apache Log4j are versions 2.0 to 2.15. New patched versions have been released, but it will take considerable time before they have been rolled out everywhere Log4j is used. Because this vulnerability is still being researched, additional patched versions are likely.

The list of vulnerable and potentially vulnerable products that use Log4j is long. CISA maintains an overview, but many of the largest software vendors and products available have been mentioned as vulnerable to some extent.  

These include Microsoft, IBM, Amazon, Apache, Akamai, Atlassian, Broadcom, Cisco, and others.

What can you do as a home user?  
"Other than keeping your devices updated as well as possible, there is not a lot one can do," says Fagerland.

"If you run a Java-enabled server of any kind - for example, a Minecraft server - you should make sure that all the latest patches are applied."

What are the broader risks of the flaw? 
Cybercriminals can potentially use the flaw to break into various internet services and steal user data. That information could then be used for further malicious activity, such as identity theft.

Are internet-connected devices at risk?  
It's possible that internet-enabled consumer electronics could be at risk. If they run a Java-enabled Apache web server, smart TVs, DVRs, and security cameras might be vulnerable and could be taken over by criminals.  

Do Norton products protect against this flaw?   
Although this security flaw will not impact consumers as much as enterprises, Norton products will detect instances of the flaw being exploited and malware planted.