Log4Shell Vulnerability - Details

What happened?

On December 9th, 2021, a zero-day exploit in the popular Java logging library “Log4J” (version 2) was discovered and widely publicized. The vulnerability can be used to execute code remotely, by tricking a system into logging a specific malicious string.

More technical details of this vulnerability can be found at this third-party resource

Who is impacted?​

Many, many services are vulnerable to this exploit. Cloud services like Steam, Apple iCloud, and apps like Minecraft have already been found to be vulnerable.

An extensive list of responses from impacted organizations has been compiled here.

Anybody using Apache Struts is likely vulnerable. We've seen similar vulnerabilities exploited before in breaches like the 2017 Equifax data breach.

Many Open Source projects like the Minecraft server, Paper, have already begun patching their usage of log4j2.

What is required of app developers?

Version 2.15.0 of the log4j library has been released, without the vulnerability. This release can be downloaded from Apache's official Log4j page, or from your language's package manager (Maven Central for example). App developers must immediately update any apps and integrations that use the Log4J Java library. Failure to do so may result in merchant data being compromised, and will put your application in violation

 
If upgrading is not possible, using the suggested temporary mitigation will also decrease the impact of the vulnerability. Common software solutions that may need patching or reconfiguration include Apache Solr, Apache Lucene, ElasticSearch, and other Java/JVM-based supporting applications

What is a Malware and its differences?

Cyber Security

Cybersecurity is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.

What is a Malware

Computer Security Risks is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.

Malware is software written specifically to harm and infect the host system. Malware includes viruses along with other types of software such as trojan horses, worms, spyware, and adware. Advanced malware such as ransomware are used to commit financial fraud and extort money from computer users.

Common types of malware:

• Virus: As discussed, Virus is a specific type of malware by itself. It is a contagious piece of code that infects the other software on the host system and spreads itself once it is run. It is mostly known to spread when software is shared between computers. This acts more like a parasite.

• Adware: Adware is also known as advertising-supported software. It is software which renders advertisements for the purpose of generating revenue for its author. The advertisements are published on the screen presented to the user at the time of installation. Adware is programmed to examine which Internet sites, the user visits frequently and to present and feature related advertisements. Not all adware has malicious intent, but it becomes a problem anyway because it harms computer performance and can be annoying.

• Spyware: This type of malicious software, spies on you, tracks your internet activities. It helps the hacker in gathering information about the victim’s system, without the consent of the victim. This spyware’s presence is typically hidden from the host and it is very difficult to detect.

• Worms: This type of malware will replicate itself  and destroys information and files saved on the host PC. It works to eat up all the system operating files and data files on a drive.

• Trojan: Trojans are a type of virus that are designed to make a user think they are a safe program and run them. They may be  programmed to steal personal and  financial information, and later take over the resources of the host computer’s system files.  In large systems it may attempt to make a host system or network resource unavailable to those attempting to reach it.

• Ransomware: Ransomware is an advanced type of malware that restricts access to the computer system until the user pays a fee.  Your screen might show a pop up warning that your have been locked out of your computer and  that you can access only after paying the cyber criminal. The cyber criminal demands a ransom to be paid in order for the restriction to be removed. The infamous Cryptolocker is one type of ransomware.

It is very difficult to live without computers or mobile devices and we have come to depend on them for many activities – communication, online purchases and payments, etc.., In order to protect our devices and data against the different types of malware mentioned above, an effective anti-malware solution is required.

Though it is commonly believed that free antivirus products are not effective enough here a link which was suggested by #PCMag for top 10 Free anti virus in this year. These are as effective as paid software's