Patch the Log4Shell vulnerability now to avoid a data breach
Security researchers from Cybereason have published a ‘Vaccine’ that can be used as a mitigation for Log4Shell, the critical code execution vulnerability in Apache Log4j that is currently being exploited in the wild.
Apache Log4j is a Java-based logging platform used for analyzing web server access or application logs. It is mostly used in games like Minecraft, enterprise eCommerce platforms and other Java-based applications. However, Minecraft recently released a patch to fix the vulnerability.
Researchers released a proof-of-concept exploit for the Log4Shell vulnerability, which is tracked as CVE-2021-44228. Apache then quickly released Log4j 2.15.0 to fix the vulnerability, while attacks were already happening in the wild. This Java vulnerability was troublesome for enterprises and popular websites, as it could cause nightmares for their normal operations.
Fixing the Log4Shell vulnerability
Researchers from Cybereason have published a script, which they call a ‘Vaccine’, that disables the vulnerability, even remotely. The vaccine works by exploiting the vulnerability on the vulnerable server itself. The Logout4Shell project facilitates setting up a Java-based LDAP server and includes a payload that disables ‘trustURLCodebase’ to mitigate the vulnerability. However, the best option is to update Log4j to version 2.15.0.
While this looks good, threat actors could take over a device, patch it and then prevent other hackers from compromising the server. The BrickerBot malware took vulnerable devices offline, and then gray hats used Internet-connected printers to mitigate the situation by taking those printers offline.
Here’s what the Cybereason CTO has to say about their Logout4Shell project:
“While always a possibility, it’s an issue of a calculated risk. This vulnerability is so critical and already massively abused across the Internet, we felt compelled to offer something to help defenders across the globe buy precious time against these hackers.
From an impact perspective, it’s very similar to the Apache Struts vulnerability that was used to steal information from Equifax in May-July 2017.”
– Yonatan Striem-Amit, CTO and Co-founder, Cybereason.
You can try this project by visiting the project’s GitHub page.
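Updating to Log4j 2.15.0, as recommended above, starts with finding every copy of log4j-core, including copies bundled inside WAR or fat-JAR files. The following inventory check is an added example, not code from Cybereason or the Logout4Shell project; the function names are hypothetical, the 2.15.0 threshold is the release this article names as the fix, and the version is read from the Maven pom.properties entry that log4j-core jars carry.

```python
import io
import re
import zipfile

FIXED = (2, 15, 0)  # assumption: the release this article names as the fix
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
NESTED = (".jar", ".war", ".ear")

def parse_version(text):
    """Turn '2.14.1' or '2.0-beta9' into a comparable (major, minor, patch) tuple."""
    nums = [int(n) for n in re.findall(r"\d+", text.split("-")[0])][:3]
    return tuple(nums + [0] * (3 - len(nums)))

def scan_archive(data, label, findings=None):
    """Return (location, version, needs_update) for each log4j-core copy in an archive."""
    findings = [] if findings is None else findings
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # not a readable archive; nothing to report
    with zf:
        names = zf.namelist()
        if POM in names:
            props = zf.read(POM).decode("utf-8", "replace")
            m = re.search(r"^version=(.+)$", props, re.M)
            version = m.group(1).strip() if m else "unknown"
            # A copy with no readable version is flagged for manual review.
            outdated = m is None or parse_version(version) < FIXED
            findings.append((label, version, outdated))
        for name in names:  # descend into bundled archives (fat JAR, WAR, EAR)
            if name.lower().endswith(NESTED):
                scan_archive(zf.read(name), f"{label}!/{name}", findings)
    return findings

def make_jar(files):
    """Build an in-memory archive from {name: bytes}; used for the constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in files.items():
            zf.writestr(name, body)
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed sample: one WAR bundling an old and a fixed log4j-core.
    old = make_jar({POM: b"version=2.14.1\n"})
    new = make_jar({POM: b"version=2.15.0\n"})
    app = make_jar({"WEB-INF/lib/log4j-core-2.14.1.jar": old, "WEB-INF/lib/log4j-core.jar": new})
    for loc, ver, outdated in scan_archive(app, "app.war"):
        print(("UPDATE " if outdated else "ok     ") + ver, loc)
```

To scan a real file, pass its bytes and path to scan_archive. Archives that were repackaged without their Maven metadata are not detected by this check.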