13 December 2021  —  Eric Swotinsky
Incident reports

Log4j zero-day poses an internet-wide threat

A critical remote code execution (RCE) vulnerability (CVE-2021-44228) in the Log4j Java library is affecting most Java applications, including VMware vCenter, Minecraft, Twitter, iCloud, and Elasticsearch.

This vulnerability has a CVSS score of 10 and is easy to exploit. Many attackers are already taking advantage, installing cryptocurrency miners and backdoors across vulnerable systems. Cloudflare has seen 20,000 exploit attempts per minute.

It's highly recommended that you immediately upgrade systems to Log4j version 2.15 or newer. For short-term mitigation, you can also disable JNDI lookups through your Java settings. Acronis' solutions appear at this time to be largely unaffected, though customers are encouraged to block and monitor outbound connections as a precaution — see our security advisory for further details.
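To act on the upgrade recommendation you first need to know where Log4j is deployed. The following Python script is an added example, not part of the original article or any Acronis product: it inventories `log4j-core` copies, including ones nested inside WAR/EAR/fat-jar archives, and compares them to the 2.15 threshold given above. It assumes `log4j-core` jars keep their standard file name, uses the presence of Log4j's `JndiLookup` class to spot copies repackaged under another name, and all function names are hypothetical.

```python
import io, re, sys, zipfile
from pathlib import Path

FIXED = (2, 15)  # threshold from the article: upgrade to "2.15 or newer"
JAR_RE = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
ARCHIVES = (".jar", ".war", ".ear")

def inspect_archive(name, data, depth=0):
    """Findings for one archive (bytes), recursing into nested archives."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return []
    findings, m = [], JAR_RE.search(name)
    with zf:
        names = zf.namelist()
        has_jndi = JNDI_CLASS in names
        if m or has_jndi:  # a named log4j-core jar, or its classes repackaged elsewhere
            ver = tuple(int(p or 0) for p in m.groups()) if m else None
            findings.append({"path": name, "jndi_lookup_present": has_jndi,
                             "version": ".".join(map(str, ver)) if ver else "unknown",
                             "below_fixed": ver[:2] < FIXED if ver else None})
        for inner in (names if depth < 3 else []):  # cap nesting depth
            if inner.lower().endswith(ARCHIVES):
                findings += inspect_archive(f"{name}!/{inner}", zf.read(inner), depth + 1)
    return findings

def scan(root):
    out = []
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix.lower() in ARCHIVES:
            out += inspect_archive(str(p), p.read_bytes())
    return out

def make_zip(entries):
    """Build an in-memory archive from {name: bytes}; used for the constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n, d in entries.items():
            zf.writestr(n, d)
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed sample: a WAR bundling an old log4j-core jar (empty class file).
    old = make_zip({JNDI_CLASS: b""})
    war = make_zip({"WEB-INF/lib/log4j-core-2.14.1.jar": old})
    for f in (scan(sys.argv[1]) if len(sys.argv) > 1 else inspect_archive("sample.war", war)):
        print(f)
```

Pass a directory as the first argument to scan a real tree; a `below_fixed` value of `None` means the version could not be read from the file name and the archive needs manual review.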

The patch management functionality in Acronis Cyber Protect can help you stay safe by automatically retrieving critical software updates — across all protected systems — as they become available.