Sherweb confirms it has not detected any exploitation of Log4j security vulnerability
MONTRÉAL, DECEMBER 17, 2021 – Sherweb, an award-winning cloud marketplace leader, has confirmed that it has deployed recommended software updates for products impacted by the Apache Log4j security vulnerability, reported on December 9, 2021.
Since the threat was identified, the Sherweb Security team has been doing a full impact assessment of Sherweb servers to identify those that use Log4j. All devices were scanned for the presence of the culprit library. When found, Sherweb consulted with vendors if the system was vulnerable and if so, instructions from vendors were followed by applying updates, mitigations, or removals. For rare cases when the system was vulnerable and vendor had no available solution yet, Sherweb took all necessary measures to ensure systems were not exposed.
Due to the severity and scope of this vulnerability, Sherweb will continue actively monitoring the situation. The security and trust of their customers is top priority.
Apache Log4j is a popular open-source Java logging library used by websites, cloud services and applications worldwide. The U.S. National Vulnerability Database has rated this security vulnerability as the highest on its rating scale and considers it “critical.”
About Sherweb
More than 7,500 partners and 85,000 companies worldwide grow their business using Sherweb’s value-added services. We support our customers with business strategies, cloud services, operations and expertise. Whatever their business, we can help them reach their full potential by creating a tailored approach to their needs. Find out what you can achieve: www.sherweb.com
Media contact
Kate O’Neill
Marketing Communications Manager, Sherweb
koneill@sherweb.com