New IT vulnerability affects many
Apache has published a security update that handles this vulnerability in Log4j (CVE-2021-45046).
The most important measures that should be done immediately:
- investigate whether there are vulnerable systems in the organisation
- implement security updates immediately
- make sure to turn off vulnerable systems and services (if it is not possible to update security promptly)
- examine the IT environment for traces of an attack
Cert.se is Sweden's national Computer Security Incident Response Team with duties to support society with handling and prevent IT-incidents. Cert.se is part of the Swedish Civil Contingencies Agency, Myndigheten för samhällsskydd och beredskap (MSB).