Evaluation of zero-day vulnerability in Apache Log4j December 2021

Evaluation of zero-day vulnerability in Apache Log4j December 2021

A zero-day vulnerability was announced by Apache w/c 6.12.2021, which has impacted a number of companies across the globe. This newly discovered vulnerability allows for unauthenticated remote code execution.

Log4j is an open source Java logging library developed by the Apache Foundation. Log4j is widely used in server infrastructure, applications and in many digital services.

Lightyear deploys many layers of security to ensure our platform remains secure. This recent vulnerability was identified and a security assessment carried out in line with our internal Incident Response Policy.

Our security assessment did not identify any significant risks to the Lightyear infrastructure.  Our core platform infrastructure does not use the impacted logging utility.   We have reviewed and updated any of our third party tools where there has been a recommended update advised.  We have taken, and will continue to take, any necessary steps to strenghten our defences against this and any other security vulnerabilites in line with our Incident Response Policy.


      

    Check out our
    to stay up to date

      • Related Articles

      • Having Trouble Logging In?

        If you are here, it might be because you Googled, Bing-ed, Alta Vista-ed, or Asked Jeeves "Lightyear Login", and they've served you a link to our Knowledgebase Sign-In Page. You might have found your normal log in credentials don't work on that page. ...
      • Where can I find error logs when documents didn't export?

        Sometimes you might have an issue with exporting your documents and you may see an error message to let you know that your documents have not in fact successfully exported.  Check your Activity for clues In Panel 1, select the document in question. ...
      • How to make your CSV file not change your data when opening in Excel

        This guide is for people that are having to open their CSV file to edit something and they are finding that Excel is changing their data. For e.g the leading zero's are disappearing on an invoice number - 001257 is displayed as 1257 or  long numbers ...
      • How do I navigate between my accounts - Company Picker

        Are you a user of multiple Lightyear accounts? Done working in one and want to be able to switch to another account easily? Use our company picker! Navigating your companies on log-in If you're a user of multiple companies, the company picker quickly ...
      • Can Lightyear see my details and documents?

        In short, no we can't.  Not unless you invite us to do so. If you would like to invite us to see your data, even for a short period of time, its easy. Head over to Company Settings > Allow Lightyear Support > Yes, as shown below.   Only Admins can ...