Apache Log4j 2 Vulnerability


Last Updated at 5:00 p.m. CT on December 20, 2021

 

Customer Notice

On December 10, 2021, a critical vulnerability in the popular Apache logging library log4j was announced. This library is widely used by enterprise applications and would allow a remote adversary to easily exploit the vulnerability and take control of an affected system.

Here at Micah, we do not directly use Java technologies, so we are not impacted by this vulnerability.

We are following up with our critical vendors to ensure they are applying the appropriate patches to their systems, if they are impacted. We will continue to monitor this, but so far they have done a great job of identifying their risk levels and taking the appropriate mitigation steps when necessary.

This is an ongoing analysis and we will post relevant updates as new information arises. At this time, there is no action required by our users to continue safely using Micah.

For updated information about our application status, please contact us or visit this page.