in ,

AWS Offers Resources to Address Log4j Cyber Vulnerability

AWS Offers Resources to Address Log4j Cyber Vulnerability - top government contractors - best government contracting event
Amazon Web Services

Amazon Web Services has provided resources and recommendations to help organizations address a newly discovered vulnerability associated with the Log4j Java-based logging utility, which is part of the Apache Software Foundation’s logging services project.

AWS released a GitHub-available tool that users can run to hotpatch Java Virtual Machines with Log4j 2.0 and later versions, Mukhtar Kabir, an associate solutions architect at AWS, wrote in a blog entry published on Monday.

The hotpatch applies software updates to address Log4j’s remote code execution vulnerability labeled CVE-2021-44228. The information technology services company is also working on an updated Log4j library for all AWS services.

Additionally, AWS offers security services designed to protect systems, detect Log4j vulnerabilities and respond to threats. The services include the AWS Web Application Firewall, AWS Security Hub and AWS Systems Manager.

The Cybersecurity and Infrastructure Security Agency issued an emergency directive with actions that civilian agencies can take to mitigate the Log4j vulnerability, which has been exploited globally.

The Log4j logging package is used in websites, operational technology systems and enterprise services.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity News

mm

Written by Nichols Martin

a staff writer at Executive Mosaic, produces articles on the federal government's technology and business interests. The coverage of these articles include government contracting, cybersecurity, information technology, health care and national security.

OneWeb Sends 36 Communications Satellites to Low-Earth Orbit; Neil Masterson Quoted - top government contractors - best government contracting event
OneWeb Sends 36 Communications Satellites to Low-Earth Orbit; Neil Masterson Quoted
Roy Stevens: Leidos to Provide CISA With Emergency Preparedness Support Services - top government contractors - best government contracting event
Roy Stevens: Leidos to Provide CISA With Emergency Preparedness Support Services