Response to Apache Log4j Remote Code Vulnerability: CVE-2021-44228

HSO is aware of active exploitation of a critical Log4j Remote Code Execution vulnerability affecting various industry-wide Apache products. This vulnerability is in the open source Java component Log4J versions 2.0 through 2.14.1 (inclusive) and is documented in Apache CVE-2021-44228.

Currently, HSO is not aware of any impact to the security of our product portfolio and has not experienced any degradation in availability of those services as a result of this vulnerability. In addition, we are following the information and guidance Microsoft is providing related to cloud business applications such as Microsoft Dynamics 365, Microsoft Power Apps, etc.

We advise our clients to follow the guidance, as updated from time to time, from Microsoft:

MSRC Blog: Microsoft’s Response to CVE-2021-44228 Apache Log4j 2
Microsoft Security Blog: Guidance for preventing detecting and hunting for CVE-2021-44228 log4j2 exploitation

If you wish to engage further with HSO on this specific topic then please contact us.

the results company

Business themes and challenges

Insights and business solutions

Purpose-built for your unique industry

Business improvement is a journey

Enrich your knowledge

Meet our organisation

Give us a call

Send an email

Question?

Response to Apache Log4j Remote Code Vulnerability: CVE-2021-44228