A zero-day vulnerability (CVE-2021-44228) has been discovered in Apache Log4j which could permit a remote attacker to exploit vulnerable systems. An exploit code for this vulnerability exists, known as “Log4Shell”. It is publicly available on the dark web and multiple attack attempts are already underway.
Blue Ridge Networks solutions, including LinkGuard, EdgeGuard, and AppGuard do not use the Log4j library and are not vulnerable to those attack vectors.
BREACH PREVENTION FOR VULNERABLE SYSTEMS:
LinkGuard: For any system using the Apache software, LinkGuard and EdgeGuard can be used to logically isolate and contain existing/ongoing attacks and prevent future threats from external/remote threat vectors, including zero-day vulnerability including CVE-2021-44228.
AppGuard: AppGuard should be used on Windows or Linux based systems that run software that is affected by CVE-2021-44228 to prevent malware exploits from taking advantage of that attack vector.