• IAM in Teams
  • IAM Hybrid
  • References
  • Company
FirstAttributeFirstAttribute
FirstAttributeFirstAttribute
  • IAM in Teams
    • Master your Teams Resources
    • Centralized M365 Identity Management
  • IAM Hybrid
    • Single Point of Access
    • Split the Admin Load
  • References
    • Our customers
    • Our projects
    • Partnership
    • Press
  • Company
    • About us
    • Career
    • News
    • Contact
  • English
    • German

Log4Shell – FirstAttribute software solutions not affected

Dec 15, 2021 (Letztes Update) | News |

 

The NCSC is highlighting a critical vulnerability in Apache Log4j. The major vulnerability, named Log4Shell, was discovered on December 10, 2021 in the Java library Log4j developed by the Apache Software Foundation.

FirstAttribute is not affected by this.

FirstAttribute software solutions 

FirstAttribute customers are not at risk from this security issue.
FirstAttribute’s software and services do not use Log4j. The development is not done in Java. Web applications developed by FirstAttribute do not use Apache web server technology for deployment.

Our software and services are not affected:

  • FirstWare IDM-Portal
  • FirstWare DynamicGroup
  • FirstWare AD-Inspector
  • my-IAM PeopleConnect
  • my-IAM TeamSpace
  • my-IAM DynamicSync

It is not necessary to update the existing installations. However, we generally recommend using the latest version and performing regular updates. To download the latest versions or make an appointment with our specialists, see links above.

How does Log4Shell work?

The Java library Log4j is designed to record information about a software, such as error reports (logging).
This vulnerability allows an attacker to send the server a link to a web page and have it read the contents of the page. If the page contains Java code, the server is able to execute that code.
This vulnerability is particularly dangerous because it provides a way to remotely execute code on any vulnerable server.
The NCSC reacted quickly and issued a warning about this vulnerability, as it affects a Java library used by thousands of companies.

An update for Log4j is available

A patch was hastily released by the Apache Foundation over the weekend, but it needs to be installed by server owners. Some affected companies, such as Mojang, the publisher of Minecraft, have also posted several warnings on their respective websites, asking all server owners to apply the proposed update as soon as possible.

Safety has top priority

For FirstAttribute, data security is a high priority. All of our products deal with the secure management of identity data and access rights. We continuously monitor and improve our software applications and services to ensure that our customers can handle their data securely.

With the help of security measures such as SSO, MFA or RBAC, as well as controlled user and authorization management (including automation and approval workflows), our solutions increase the security of identity data in your company. Detailed auditing also ensures absolute traceability of all actions.

If you have any questions about the Log4Shell attack or would like to verify the security of our software solutions, please feel free to contact us.

Artikel erstellt am: 14.12.2021
Share

You also might be interested in

Customized Password Reset Portal

Customized Password Reset Portal

Jun 8, 2020

A service provider for specialized information relies on the customized[...]

Azure AD Connect

Apr 1, 2021

Learn how to extend your Active Directory infrastructure to Azure[...]

Active Directory Migration with more than 100,000 objects

Mar 8, 2018

The specialists of FirstAttribute supported one of the largestIT service[...]

Wissen

Last articles

  • Release of DynamicGroup 5 – Faster processing of large AD groups
  • Microsoft Entra is the new umbrella for Azure Active Directory
  • Understanding components of IT compliance
  • my-IAM PeopleConnect Release – Better search for contacts in Teams
  • Bi-directional organization of Microsoft Teams by IT and employees

Categories

  • Concepts
  • DynamicGroup
  • IDM-Portal
  • my-IAM
  • News
  • Projects

LINKS

my-IAM - M365 Self Service

FirstWare -IDM-Portal

FirstWare - DynamicGroup

FirstAttribute – Tech Blog

Contact Info

  • FirstAttribute AG
  • Am Büchele 18, 86928 Hofstetten, Germany
  • +49 89 215 442 40
  • https://www.firstattribute.com

Topics

  • Legal Information
  • Privacy Policy

Latest News

  • Release of DynamicGroup 5 – Faster processing of large AD groups
  • Microsoft Entra is the new umbrella for Azure Active Directory
  • Understanding components of IT compliance
  • my-IAM PeopleConnect Release – Better search for contacts in Teams
  • Bi-directional organization of Microsoft Teams by IT and employees

Siegel FirstAttribute

© 2023 · FirstAttribute AG.

  • Legal Information
  • Privacy Policy
Prev Next