Skip to content
Insights + News/Newsroom + Press

Ensono Update on Log4j Security Advisory

On December 10, 2021, the Apache Software Foundation published an advisory to address a critical remote code execution vulnerability (CVE-2021-44228) affecting Log4j versions 2.0-beta9 to 2.14.1. In response to this advisory, the Cybersecurity & Infrastructure Security Agency (CISA) is encouraging users and administrators to upgrade Log4j.  Additional updates from Apache resulted in a recommendation to update to version 2.17.0 or apply the recommended mitigations immediately. See CISA website for more details: ​​Apache Log4j Vulnerability Guidance | CISA

Ensono has assessed the potential impact of this vulnerability on Ensono’s services and clients Ensono has applied all currently published signatures to its firewalls and endpoint protection software and thus far, Ensono continues to find no indication of published compromises.

Ensono has remediated a large number of systems and continues to remediate remaining impacted systems in accordance with third party vendor recommendations. For clients that have vulnerability scanning as part of their services, these environments are being scanned and reports are being provided to the clients and appropriate Ensono teams for action.

“As we continue to monitor the vulnerability affecting Log4j, we want to assure all our clients and stakeholders that Ensono is actively scanning environments and has so far found no indication of compromises,” said Savio Lobo, chief information officer at Ensono. “We will continue to assess how this threat evolves and take necessary actions to ensure that our client’s systems are protected.”

For more information, please contact your CSM or TDM at Ensono.

Don't miss the latest from Ensono


Keep up with Ensono

Innovation never stops, and we support you at every stage. From infrastructure-as-a-service advances to upcoming webinars, explore our news here.

Start your digital transformation today.