Info-Apache Log4j Remote Code Execution Vulnerability in thousands of servers


glasskuter

According to recent articles, "hundreds of millions" of internet-connected devices and services are vulnerable to hackers because of a newly discovered security flaw in a widely used piece of computer code used by many servers. The vulnerability is found in log4j, an open-source, Java-based, Apache logging library used by apps and services across the internet, many of which are used by the federal government. It could allow hackers to run malicious code on targeted computer systems for purposes including espionage and ransomware.

According to the experts, generally speaking any consumer device that uses a web server could be running Apache. It is widely used in devices like smart TVs, DVR systems and security cameras. The government and Microsoft are scrambling to identify the many servers involved.

So far, Microsoft has found this vulnerability in its own products, Azure Spring Cloud, Azure Databricks, Azure DevOps and Minecraft. MS patched their Minecraft server, but it still exists in non-Microsoft hosted Minecraft servers. CVE-2021-44228 - Security Update Guide - Microsoft - Apache Log4j Remote Code Execution Vulnerability addresses the MS servers identified so far that require customer action.

All that said, can someone answer 2 questions for me? Java code has caused security problems for years. Why is it still allowed to be used? And why in the world would our government, Microsoft, and Security companies give a heads up to all the hackers out there that the flaw exists in the first place before it is fully mitigated? It’s like saying “Exploit me!” Makes no sense to me.

 

Well.. Java is popular and many people use it. The question should be why would anyone use it in critical systems since it has a long history of vulnerabilities. Part two.. the hacker(s) knew about this before anyone made an announcement about the issue. Trust me.. hackers are miles ahead of the Gov etc. :cool:
 

One more thought.. the other reason Java is used is because it's a great cross platform language. You can basically code it one time and run it just about anywhere. This makes life easier for developers but in this case I believe the code hasn't been maintained properly hence this issue.

Is java better now in terms of vulnerability? Yes.. but it's far from as good as it should be. IMO.
 

> hackers are miles ahead of the Gov

They don't have to be traveling very fast to stay ahead of OUR government. Too much talk, not enough action.
 

> They don't have to be traveling very fast to stay ahead of OUR government. Too much talk, not enough action.

Well.. the gov can't test every bit of code for vulnerabilities.
 

@BunnyJ You're the coder so I lean to your expert wisdom. :LOL:
 

> Why is it still allowed to be used?

Because the Java Virtual Machine allows portable client-server code to be written for many OSes (cross-platform development as @BunnyJ calls it). Microsoft have their own CLR (Common Language Runtime), so why do they not use it instead of Java SE? Turns out that Oracle Java and MS CLR implement the same standard. See next question for details.

> And why in the world would our government, Microsoft, and Security companies give a heads up to all the hackers out there that the flaw exists in the first place before it is fully mitigated?

The standard originates in Europe. The ECMA (European Computer Manufacturers Association) wrote the ECMAscript (aka Java Script) standard, which is still being updated regularly.

Security flaws appear everywhere these days, from OSes, Applications, Client-side computing, Microprocessors, to BIOSes and TPM modules!!!

You may wish to view this article, written in 2015, which addresses similar questions about client-side computing, that this thread asks today:

Why Java is a “big deal”
Understanding Java
The brief anatomy of a Java exploit

...
So how do you protect yourself from cyber threats targeting Java?
Source:
Why are Java’s Vulnerabilities One of the Biggest Security Holes on Your Computer?
Hope that helps!!!
 

JavaScript isn't Java..
 
