What is the Log4j Attack and Will It Affect You?
From time to time computer and website security risks arise. Recently, one very serious one called "Log4j" has been identified and has been flagged by the community as a whole as a very high risk issue that should be taken seriously by developers. We at AspenTech take your system security very seriously so wanted to give you an update on this security breach and it it affects the primary products we support.
What is "Log4j"?
Here is a great article that explains what an RCE attack is and the basics for how to prevent it. An excerpt from that article:
We have not identified any exploitable vulnerabilities related to the Log4j issue in any of our Zoho cloud services. Our cloud services have third-party components that could be potentially vulnerable and hence as a safety measure we have applied the mitigation patch to all our services. We have found no evidence of any successful exploitation as of today. We are continuing to analyze the issue and will provide updates of any new findings. Rest assured that there are no causes for concerns for Zoho users..
Will this affect your Act! or Zoho systems?
Statement by Act! regarding the Log4j Attack:
It was recently announced by the Apache Foundation that Log4j, a popular Java logging library, is vulnerable to remote code execution. Immediately following the announcement of this serious vulnerability, our engineering and security teams evaluated all of our products, integrations and internal services for any potential impact. We have not detected any exploit attempts on our systems or solutions. We have completed an audit of our systems and do not believe this exploit represents a threat to our customers. We will continue to monitor our environment and notify our customers and partners as we learn more.– Statement from Act! to the Certified Consultant Community on 12/16/21
Statement by Zoho regarding the Log4j Attack:
It was recently announced by the Apache Foundation that Log4j, a popular Java logging library, is vulnerable to remote code execution. Immediately following the announcement of this serious vulnerability, our engineering and security teams evaluated all of our products, integrations and internal services for any potential impact. We have not detected any exploit attempts on our systems or solutions. We have completed an audit of our systems and do not believe this exploit represents a threat to our customers. We will continue to monitor our environment and notify our customers and partners as we learn more.– Statement from Zoho on 12/13/21
Will this affect other programs you use?
Of course, we understand you use many other programs and services in your day to day business operations. Here are some links from other major software developers we have noticed to date. We suggest you investigate any program you use, listed here or not.
Need Help with Your CRM system?
At AspenTech CRM, we meet your customer data challenges head-on. We address every issue you might have with your CRM – whether it involves selection, technology, training, or process – and create a manageable plan. We then work with you to implement that plan so you can use your CRM to its fullest potential, giving you a 360° view of your customers – and your business. Contact us or call 866-880-4228 to start a conversation with one of our CRM experts.
Related Articles:
Passwords: A Key Security Feature of Your CRM
Managing User & Record Security in Zoho CRM
Phishing Attacks Are on the Rise – How to Protect Yourself
