Would you say hosting a Java Minecraft Server on a home PC is Corporate ? Would you say running a Unifi Controller managing a Wifi Network on a home PC is only Corporate ? Would you say running a number of Docker containers on a NAS is Corporate ? Your definition of Home User and Corporate is also blurred in modern day computing. Log4j is mainly a corporate issue and is being targeted as such. If you are a home user your risk is minimal. I did not say fix, I said protect which can mean identify. identify risks, is not out of the realms of expectation. Have can mean provide and asking if an Antivirus / Malware platform can provide protection, i.e. "Does Norton 360 have protection for the log4j vulnerability". Lets hear something from the Norton teams. Information for Security Operations and Huntersīottom line is, unless you use or connect to these services regularly the risk should be minimum, always practice good security both in the home and outside the home, as well as working from home. Mitigation Guidance for Microsoft ServicesĪzure Application Gateway, Azure Front Door, and Azure WAF Apache security advisory: Apache Log4j Security Vulnerabilities.They HAVE issued their advisory for Apache here. Conversely, today's Patch Tuesday release doesn't reflect any Microsoft products as being patched for this issue. Keep in mind this vulnerability is primarily an enterprise nightmare as it affects most products related to enterprise servers and their networks.
Several products are already fixed / patched. VMWare is of special interest in that its used by corporate and everyday end users, there are 27 products affected under their roof. To date, there hasn't been ANY information posted that Norton and its services are affected.
Other companies are doing the same as their needs require. Broadcom, which now owns the former Symantec entity has also provided their security advisory as well.
Most fortune 500 companies use Amazon Web Services in one fashion or another, they have issued a bulletin for their affected services and products here. The one that sticks out the most are Amazon AWS services. The listing of affected / vulnerable products are listed in this Bleeping Computer article.
0 kommentar(er)
