The Log4j security vulnerability is keeping the Internet and thus all IT service providers on their toes. A software component that is often used in Java applications for processing log messages allows attackers on affected systems to reload and execute malicious code. This vulnerability can often also be exploited over the network. The BSI has published a press release on this vulnerability at the following address: https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2021/2021-549032-10F2.pdf.
After it became known on Friday, December 10, 2021, all systems of the GWDG were checked for vulnerability and appropriate countermeasures were initiated. Systems on which immediate countermeasures were not possible for technical or organizational reasons were shut down or access was restricted as a precaution. Despite a rapid response and extensive analyses, it cannot be ruled out that individual systems are still affected or have already been compromised. Our investigations are still ongoing.
Responsible persons running services or software on GWDG infrastructure (e.g. vServers) are strongly advised to check their systems for this vulnerability as well. The BSI has published recommendations for action in the press release linked above.