Install updates against serious vulnerability in Apache Log4j

For more information about this current vulnerability, view the updates from the CCB.

A serious vulnerability has been found in the Apache Log4j software. This software is used in many web applications and systems, by many organizations and companies. The extent and impact of this vulnerability is not known yet. However, we take this seriously. We are currently examining systems to detect on the basis of indicators of comprise (IOCs) whether this vulnerability has been exploited before. In addition, we have taken direct mitigating actions in the IT systems.

Therefore Ordina has proactively investigated its customers IT environment as part of Ordina’s (contractual) obligations, as well as Ordina’s own environment. When we identify a vulnerability, we mitigate the risk by installing the Apache Log4j patch or by turning off the software and/or disconnect your internet connection. We also immediately start detection as part of our investigation whether the vulnerability has already been abused yet. This gives us better insight into the damage and prevents further damage to the network and systems.

How to install the update yourself

We urgently advise you to do the same. Please make sure you investigate your digital environment as quickly as possible on Apache Log4j, its vulnerabilities and start detection and mitigations. After the investigation phase you can directly install the updates. When the updates don’t work, please make sure you disable the software and/or disconnect your internet connection. Please read the attached blog of one of our experts on how to do this by yourself.

If you need any help in the area of this vulnerability, please make sure you contact Ordina to support you in this matter. More related cybersecurity information, please check our website Cybersecurity | Ordina Belgium