Firm Releases Log4j “fix” For Systems Unable To Update

Share post:

Cybersecurity firm Cybereason recently released a fix that fixes the Log4j zero-day vulnerability, which is currently being exploited by attackers.

Although some users have not been able to fix the Apache Log4Shell vulnerability, the fix ensures that those who have not been able to update their systems, or who have not been able to do so immediately, will continue to be able to patch their systems thanks to the “Logout4shell” tool, which is available to access GitHub and as the company says, “is a relatively simple fix that requires only basic Java skills to implement.”

Yonatan Striem-Amit, CTO of Cybereaso explained, explains what the Log4j vulnerability fixing tool looks like: “In short, the fix uses the vulnerability itself to set the flag that turns it off. Because the vulnerability is so easy to exploit and so ubiquitous–it’s one of the very few ways to close it in certain scenarios. You can permanently close the vulnerability by causing the server to save a configuration file, but that is a more difficult proposition. The simplest solution is to set up a server that will download and then run a class that changes the server’s configuration to not load things anymore.”

The solution met with mixed reactions from security experts. While some praised the company for its initiative, others believe that such a move is not enough to protect all organizations currently affected by the bug.

For more information read the original story in ZDNet.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Russian threat actor expanding its target list, warns Five Eyes report

APT29 is increasingly going after cloud services in mo

Canada’s privacy watchdog investigating hack at Global Affairs

Inquiry will look into adequacy of data safeguards at the federal

Sidebar: The powerful Digital Safety Commission

A look at the powers of the proposed five-person body charged with overseeing the Online

Cyber attack on Hamilton knocks out municipal phone, email

One of Ontario’s biggest cities is in the second day of dealing with a cyber attack. Hamilton, a municipality of about 570,000 on the shore of Lake Ontario, said Sunday it had suffered a city-wide phone and email “disruption” to municipal and public library services, which included the Bus Check Info Line and the HSRNow

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways