Log4J Vulnerability (CVE-2021-44228) and SimpleHelp

gchristelis · December 13, 2021, 10:25am

The recently publicised zero day exploit (CVE-2021-44228) in the Log4J logging framework does not affect SimpleHelp server installations or any backend services. All versions of SimpleHelp are not reliant on Log4J so are not vulnerable to this exploit.

If you are interested in searching for vulnerabilities in installed software you can use tools such as Grype (https://github.com/anchore/grype). Grype can identify vulnerabilities in install software, including software that utilises nested / bundle sub-component. It is able to detect CVE-2021-44228 in installed software.

If you have any specific Log4J exploit queries send us a support email at support@simple-help.com .

Peter_K_Knowles · December 13, 2021, 11:34am

Thank you for this input, George!

Ian_Durrant · December 13, 2021, 11:59am

Thanks for that George

Kind regards
Anthony

Mike_Tills · December 13, 2021, 12:57pm

Thanks George…You made my Monday!

Simon · December 14, 2021, 9:15am

Is there any tools/scripts created by anyone that can be ran on all devices to detect log4j issues?