top of page
  • markderijk

Log4j - a TLDR summary for SME IT leaders


Log4J is a logging library for Java applications for which critical vulnerabilities was discovered.

An unauthenticated remote actor could exploit this vulnerability to take control of an affected system.

  • On December 10, 2021, Apache released Log4j 2.15.0 for Java 8 users to address a remote code execution (RCE) vulnerability—CVE-2021-44228.

  • On December 13, 2021, Apache released Log4j 2.12.2 for Java 7 users and Log4j 2.16.0 for Java 8 users to address a RCE vulnerability—CVE-2021-45046.

  • (Updated December 18, 2021) On December 17, 2021, Apache released Log4j 2.17.0 for Java 8 users to address a denial-of-service (DOS) vulnerability—CVE-2021-45105.

With the library being included in many applications knowingly and unknowingly it is causing a lot of problems for organisations small and large.

With the vulnerabilities being actively exploited time is of the essence.

This article will hopefully help you get to grips on what the vulnerabilities entail and what you can do about it.




The US government agency has put together a well-researched document that covers a lot of guidance

They have also published a community-sourced list of affected vendors, products and patch availability:


Immediate actions to take against exploitation:

  • Discover all internet-facing assets that allow data inputs and use Log4j Java library anywhere in the stack

  • Discover all assets that use the Log4j library.

  • Update or isolate affected assets.

  • Assume compromise, identify common post-exploit sources and activity, and hunt for signs of malicious activity.

  • Monitor for odd traffic patterns (e.g., JNDI LDAP/RMI outbound traffic, DMZ systems initiating outbound connections).


Microsoft has also put together excellent guidance and how their customers can use their products to their advantage. They provide updates from their threat intelligence teams as well.


AWS similar to Microsoft has also produced extensive guidance and how you can use their products and services to protect your organisation.


Apache project has a dedicated page with more details on the three vulnerabilities that have affected the Log4J library.


National Cyber Security Center has written up an excellent document targeting board directors which can be helpful if you are fielding questions from the board.


Twitter has a very active cybersecurity community so it's good to keep tabs on the following hashtags if you can:

Log4J Scanner

There are a few scanners that have been created to scan for vulnerable log4j applications.

One of them is:


You might have deployed a Web Application Firewall to protect your externally facing applications.

However, there have been documented ways to bypass the WAF and still exploit the vulnerability.

Our Company

Want to know more about how we help small and medium enterprise IT leaders improve their organisation's cybersecurity?

Then check out our services.

118 views0 comments

Recent Posts

See All

SOC 2: What is it and how does the process look like

What is SOC2 compliance? In today's digital age, data security is of utmost importance. How can businesses ensure that they are protecting their customers' information? The answer lies in SOC 2 compli


bottom of page