Good afternoon,
I am writing to all of you to inform you of a potential vulnerability that was brought to our attention here at Rustin Tech Thursday night (12/9/21). There was a vulnerability disclosed by Oracle that may impact anything running Java (many server and computer applications). This is a critical vulnerability and poses risk to a lot of software that is regularly used. With that being said, we have been hard at work already taking action and are continuing to audit and take preventative action as necessary. We currently have no reason to believe that any customers have been affected and if we have any individual concerns regarding your organization and its cybersecurity we will be in touch as soon as possible. You will be updated with any further updates if necessary.
As a reminder, if you or anyone in your organization has any emergency concerns please email emergency@rustintech.com.
The technical stuff:
Actions Taken:
- Upgraded all UniFi Sites to UniFi Network Appliance 6.5.54
- Worked with Vendors such as N-Able who states: "We have evaluated risk within RMM and have deployed patches for any potentially vulnerable components."
- Upgraded all servers and appropriate services
- Increased logging
Actions in Progress:
- Audit Client Software and Upgrade as necessary
- Prioritize patch rollout schedule
- Increase monitoring and alerting for RMM Clients
- Configuration Analysis on All Platforms (managed services platforms such as Cloudflare, Squarespace, RMM, etc.)
Additional Information:
CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Cloudflare's Writeup: Inside the Log4j2 vulnerability (CVE-2021-44228) (cloudflare.com)
Thank you for your patience and understanding.
Ryan Keenan, MTA AZ-900
IT Consultant
(267) 817-5942