News of the Apache Log4j vulnerability exploit came on December 9th and is striking fear into the software world, for both vendors and users. Log4j is the most popular Java logging service, with over 400,000 GitHub downloads. It has been embedded in hundreds of Internet services and products from companies all over the world, including Apple, Amazon, Cloudflare, Steam, Tesla, Twitter, and many more.

Exploiting this vulnerability is simple and allows threat actors to bypass authentication, control Java-based web servers via numerous device types (see diagram to the right), and launch remote code execution attacks. New variations of the original exploit are already being introduced – over 60 in less than 24 hours. The attack surface grows by the minute. Good credential management and advanced authentication won’t help because this exploit is pre-authentication: an attacker doesn’t need to authenticate to your web applications in order to attack.

 

IT Operations is on the front lines to protect every enterprise from Log4j

Step one: FIND Log4j wherever it exists

Investigate every internet-facing application, website, and system that you own or use. This includes self-hosted installs of vendor products and cloud-based services. Focus on internet-facing systems that contain sensitive data. Once you’ve completed assessing your hosted apps and vendor systems, move on to endpoint applications including Java-based apps like WebEx, Minecraft, and Citrix.

By noon CST on Friday, December 10th, BigFix had provided customers with specialized tools to help find Log4j wherever it existed in their environment, including file systems, across nearly 100 operating system variants. Full visibility is step one to provide complete protection against Log4j-based threats.

         BigFix’s 24-hour response

 

Step two: Patch, patch, patch. Patch in the same order as in Step one. If no patch or workaround is yet available, uninstall.

BigFix automates discovery, management, and remediation of all endpoints whether on-premises, mobile, virtual, or in the cloud – regardless of the operating system, location, or connectivity.

The pandemic has forced many endpoints into home environments, which makes it more difficult to keep your endpoints patched and compliant. Operations teams cannot rely on employees working from home to patch their own systems, even with clear instructions. Many of them will also ignore your requests, so you need to adopt systems that enforce continuous compliance, like BigFix.

IT Operations is essential to beating this. BigFix is the essential tool for IT Operations

We believe this vulnerability is not going to go away any time soon. We’re just starting to get a glimpse of how this is being exploited. New ransomware attacks have already been launched using this vulnerability. Buckle up, IT Operations teams: it’s going to be a while before this vulnerability is fully remediated.

How can BigFix help?

BigFix automates discovery, management, and remediation of all endpoints whether on-premises, mobile, virtual, or in the cloud – regardless of the operating system, location, or connectivity. BigFix Insights for Vulnerability Remediation integrates with leading vulnerability management solutions like Tenable to remediate vulnerabilities like Log4j faster than any other solution in the market.

For the latest information about Log4j, visit https://www.hcltechsw.com/bigfix/log4j.

For more information about BigFix, please visit www.bigfix.com.

 
