Click to chat
  • Solutions
    • Solutions
    • Artificial Intelligence
    • Data Analytics
    • Epicor for Distribution
    • Epicor for Manufacturing
    • IT Support
    • Managed Services
    • Microsoft 365
    • Microsoft Azure
    • Microsoft Licensing Support
    • Security
  • Innovation
    • Innovation
    • AI for Epicor
    • Cybersecurity
    • Data Analytics
    • Epicor in Azure
    • Epicor Kinetic ERP
    • Microsoft 365
    • Microsoft Azure
    • SaaS
  • Helpdesk
  • Resources
    • Resources
      • Resources
      • 2W Conversations
      • News Releases
      • Product Demo’s
      • Quick Tech Talks
      • Webinars
    • Blogs
  • About 2W
    • About Us
    • Contact Us
    • IT News
  • Join the Team
  • Client Login
  • Solutions
    • Solutions
    • Artificial Intelligence
    • Data Analytics
    • Epicor for Distribution
    • Epicor for Manufacturing
    • IT Support
    • Managed Services
    • Microsoft 365
    • Microsoft Azure
    • Microsoft Licensing Support
    • Security
  • Innovation
    • Innovation
    • AI for Epicor
    • Cybersecurity
    • Data Analytics
    • Epicor in Azure
    • Epicor Kinetic ERP
    • Microsoft 365
    • Microsoft Azure
    • SaaS
  • Helpdesk
  • Resources
    • Resources
      • Resources
      • 2W Conversations
      • News Releases
      • Product Demo’s
      • Quick Tech Talks
      • Webinars
    • Blogs
  • About 2W
    • About Us
    • Contact Us
    • IT News
  • Join the Team
  • Client Login
Contact Us
Home / IT News / Log4Shell Continues to Cause Trouble in 2022

Log4Shell Continues to Cause Trouble in 2022

01/12/22
Categories:
  • Apache
  • Cyber defense
  • Cybersecurity
  • Cybersecurity and Infrastructure Security Agency
  • Federal Trade Commission
  • Log4j
  • Log4Shell

Many of us looked to put 2021 behind us at the stroke of midnight on New Year’s Eve. However, the cybersecurity pros are still dealing with the “gift” that keeps on giving from December: The Log4Shell vulnerability.   

Now the federal government is stepping in to squash the threat.  The Federal Trade Commission (FTC) has issued a warning saying it will pursue legal action against any U.S. company found to have put consumer data at risk by not properly mitigating Log4Shell. 

The Log4Shell vulnerability continues to pose a severe risk to millions of consumer products and enterprise applications. There also is a significant risk of data loss in a data breach made possible through the vulnerability, tracked as CVE-2021-44228.  The FTC has encouraged businesses to follow guidance issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).  

The guidance includes:  

  • Update your Log4j software package to the most current version 
  • Consult the CISA guidance to mitigate the vulnerability 
  • Ensure remedial steps are taken to ensure that your company’s practices do not violate the law. Failure to identify and patch instances of this software may violate the FTC Act.  
  • Distribute info about Log4Shell and the CISA guidance to any relevant third-party subsidiaries that sell products or services to consumers who may be vulnerable.  

There also has been a fourth flaw discovered that was reported on Dec. 28 that must be taken into consideration. According to Apache, the Apache Log4j2 versions 2.0-beta7 through 2.170 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution attack.   

RCE is one of the worst cybersecurity holes possible because it usually means a cybercrook can poke an unexpected program into your computer without so much as a by-your-leave. An RCE attack might inject an untrusted app, poke a binary fragment of machine code into memory, or sneakily offer up an unwanted script file. And if the attacker succeeds, you’ll run their code unknowingly.  

If you have further questions or need help with Log4Shell, give us a call. 2W Tech is a technology service provider with IT Consultants on staff that have a wide berth of experience with cybersecurity and cyber defense solutions.   

Read More:

A Look at the Epicor ERP Financials Core General Ledger

What Makes Machine Learning a Powerful Tool

Back to IT News

Copyright © 2025, 2W Technologies, Inc.

2W Tech is a leading technology service provider specializing in cutting-edge solutions for the manufacturing and distribution industry, including Epicor ERP, Epicor P21, IT support and infrastructure, Azure cloud services, Microsoft 365, cybersecurity, artificial intelligence, data analytics, and comprehensive managed technology programs.

Epicor in AzureTM and ResolveIQTM are registered trademarks of 2W Technologies, INC.

As an esteemed Epicor Platinum Elite Partner and a Microsoft Tier 1 Cloud Services Partner, we are dedicated to delivering unparalleled service and support. For more information, please contact us at 262-686-5070 or visit our website here.