One of our clients was using the Log4j software library to manage their logging services and hence, they were one of the at-risk companies that required an immediate and resilient remediation solution.
If not addressed promptly and properly, this vulnerability could have created devastating impacts including:
- Disruption in regular business operations
- Major incident response and recovery costs
- Damage brand’s reputation
Based on the analysis of the servers, whether they are Windows or Linux, we have implemented the following remediation steps to mitigate this Log4j vulnerability:
Step #1: Initially upgraded the log4j2 java class, which was the preferred remediation option but despite the upgrade, vulnerabilities continued. Hence, eventually, the java class was upgraded to the latest version.
Step #2: Removed the JNDI Lookup class from the class-path, but this option eventually did not prove to be efficient against the vulnerability.
Step #3: Removed the JNDI classes from the jar file.
Step #4: Applied a fix provided by technical team, wherever applicable, such as in the case of Adobe or other third-party applications.
Step #5: In the case of high-risk external client applications, uninstalled the software itself.
Step #6: Coordinated effectively with product owners and vendors to ensure that there is no impact.
Step #7: Constant monitoring (hourly monitoring) of the vulnerability using the required scanning tools.
Here is the learning outcome (result) of this case:
- The in time response to the vulnerability has saved our client from any serious cyber-incidents (including remote code execution by unauthenticated users)
- Proper coordination and communication with the client, vendors and third-parties has made this implementation process easier.
Do you want to protect your enterprise from this Log4j Vulnerability – Speak with our expert right now