minecraft

What is the Log4j Vulnerability?

Log4j is a widely-used library of log files for applications written in the Java programming language. It copies down everything that happens when a Java program runs. NPR spoke to Andrew Morris, founder and CEO of cyber intelligence firm GreyNoise, who described Log4j as “…a modular component that's used in many, many different kinds of software. And its job is... just basically recording things that happened and writing them to another computer somewhere else.” In December of 2021, Log4j was found to be vulnerable to remote code execution.

Put more simply, Log4j is a vulnerable logging library that allows attackers to take control of remote devices running Java software. This represents a severe security risk. Gadgets 360 reports that "the Apache Log4j Remote Code Execution Vulnerability is the single biggest, most critical vulnerability of the last decade," said Amit Yoran, chief executive of Tenable, a network security firm, and the founding director of the US Computer Emergency Readiness Team.

One of the most popular programs affected by this vulnerability is Minecraft. John Hammond, a noted cybersecurity researcher, recently posted a video showing how Log4j could be exploited in Minecraft, allowing a remote user to access the calculator of a system (proving that any other program or command could also be run). Tech Times posted an article detailing how Minecraft users can defend against this threat.

Unfortunately, Minecraft is not the only vulnerable software. Speaking to CNET, Nadir Izrael (CTO and co-founder of IoT security company Armis) said that “generally speaking, any consumer device that uses a web server could be running Apache. Apache is widely used in devices like smart TVs, DVR systems and security cameras. Think about how many of these devices are sitting in loading docks or warehouses, unconnected to the internet, and unable to receive security updates. The day they're unboxed and connected, they're immediately vulnerable to attack."

To mitigate this threat, users should continue to install all security patches and updates as soon as possible. As companies roll out patches to this vulnerability, it is important to stay on top of those updates!