Winet not affected by critical Java vulnerability

Since this week circulates a threatening security gap (also called zero-day vulnerability) in the Java software library (log4j), which has since threatened many programs and half the Internet. The National Cyber Security Centre (NZCS) has thereby IT Threat Situation 4 / Red proclaimed: https://www.ncsc.admin.ch/ncsc/de/home/aktuell/im-fokus/log4j.html

All-clear for Winet customers and partners:
✅ Winet's products, services & services are not affected by the circulating Java security vulnerability and can still be used without hesitation

The IT threat makes half the Internet unsafe. A zero-day vulnerability that exploits a flaw in the Java software Log4j leaves numerous servers, programs and apps vulnerable. Cybersecurity experts worldwide warn.

Cause and effect

Many applications and online services written in the Java programming language are not available because of a until recently unknown Java vulnerability vulnerable.

On December 9, IT security experts and various websites drew attention to a zero-day vulnerability in the Java logging library Log4j. The vulnerability, which has since been given the number "CVE-2021-44228", could lead to attackers being able to access affected computers malware execute. This IT threat, known as Remote Code Execution (RCE), is considered one of the most potentially devastating attacks.

According to IT security authorities in various countries, attacks have already taken place. Apparently, information about the vulnerability and an included attack tool (exploit) have been published on the Internet.

Which services are affected

Vulnerability in the Java software Log4j

Several million apps, programs and services from different vendors use log4j for logging. This includes especially the following manufacturers and services:

  • Apple
  • Twitter
  • Steam
  • Tesla
  • Apache applications (Struts, Solr and Druid)
  • Redis
  • ElasticSearch
  • Online games like "Minecraft

What counteracts the threat?

Many server administrators (admins) have been trying to save their software and programs and secure their systems since the security vulnerability appeared. Only recently, the first software updates ("patches") have been made available.

Internet users should be especially careful in the near future and, above all, must count on the providers to install the patch quickly.

# News

Current
Current

MS Teams prices rise sharply by 25%

November 18, 2024
On Tuesday, Microsoft announced the price changes for Teams Phone and Copilot. For Teams Phone, a cloud-based service, the...
more
Current

The new Microsoft Teams factsheet is here.

October 11, 2024
Do you also want to use your Microsoft Teams solution for business telephony, but don't want to connect to the telephony network yourself? Perhaps...
more
Avaya IP Office 11.1.3.0
Current

Patch Avaya IP Office now due to critical security leaks

July 1, 2024
There are serious security vulnerabilities in Avaya IP Office. Unauthorized persons can exploit these vulnerabilities in the IP telephony software, which are classified as critical, to...
more
Current

Why it's not worth importing sugar beets.

November 9, 2022
VoIP telephony from your region: refined and precisely dosed.
Current

Why you shouldn't store your apples in a Seattle store.

November 9, 2022
VoIP telephony from your region: well stored in the Swiss cloud.
Current

Why you shouldn't buy your carrots from the dealer in Washington.

November 9, 2022
VoIP telephony from your region: well-rooted, tasty, fresh.