Ensono Update on Log4j Security Advisory
On December 10, 2021, the Apache Software Foundation published an advisory to address a critical remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. In response to this advisory, the Cybersecurity & Infrastructure Security Agency (CISA) is encouraging users and administrators to upgrade Log4j. Additional updates from Apache resulted in a recommendation to update to version 2.17.0 or apply the recommended mitigations immediately. See CISA website for more details: Apache Log4j Vulnerability Guidance | CISA
Ensono has assessed the potential impact of this vulnerability on Ensono’s services and clients Ensono has applied all currently published signatures to its firewalls and endpoint protection software and thus far, Ensono continues to find no indication of published compromises.
Ensono has remediated a large number of systems and continues to remediate remaining impacted systems in accordance with third party vendor recommendations. For clients that have vulnerability scanning as part of their services, these environments are being scanned and reports are being provided to the clients and appropriate Ensono teams for action.
“As we continue to monitor the vulnerability affecting Log4j, we want to assure all our clients and stakeholders that Ensono is actively scanning environments and has so far found no indication of compromises,” said Savio Lobo, chief information officer at Ensono. “We will continue to assess how this threat evolves and take necessary actions to ensure that our client’s systems are protected.”
For more information, please contact your CSM or TDM at Ensono.
Don't miss the latest from Ensono
Keep up with Ensono
Innovation never stops, and we support you at every stage. From infrastructure-as-a-service advances to upcoming webinars, explore our news here.
Company announcements | May 18, 2023
New research: UK retailers boost tech investment as they face losing nearly one-third of customers as cost-of-living worsens
Company announcements | May 17, 2023
Ensono Renews Microsoft Azure Expert Managed Services Provider Status for Fourth Consecutive Year
Company announcements | March 23, 2023