Surely in the last few days you have heard about the Log4j flaw, which is already described as the greatest and most critical vulnerability of the last decade. Its seriousness lies in the fact that it allows remote code execution on vulnerable machines with ease, because it is present in Log4j, an open source logging library widely used in applications and servers on the internet.

What is the Log4j vulnerability about?

At the end of November, cybersecurity experts discovered a significant vulnerability called Log4Shell, which lets hackers take control of the servers of companies whose popular services are used by millions of people, such as Apple, Valve and Cloudflare, as well as widely played games such as Minecraft, putting millions of devices at risk around the world.

The vulnerability was originally discovered by Chen Zhaojun of the Alibaba Cloud Security Team and is found in Log4j, an open source logging library developed by the Apache Foundation and built on the Java language, which is used in a large number of applications and services on the Internet. A log is a record in which applications and services keep a list of the activities they have carried out.

Cybercriminals are exploiting this vulnerability, which allows remote code execution on vulnerable servers, giving them the ability to import malware that would compromise user devices. Right now, Log4j is present on millions of internet servers that must be patched as soon as possible to avoid attacks by cybercriminals.

For this reason, over the past weekend, much of the technology industry was working hard to implement patches before cybercriminals could exploit the vulnerability.

One of the first known attacks that used the vulnerability involved the construction game Minecraft. The attackers were able to seize one of the game’s servers before Microsoft, its owner, fixed the problem. This was possible because the flaw is what is known as a “zero-day vulnerability”: there was no patch to fix it before it became known and potentially exploitable.

The scope of this vulnerability is such that the cybersecurity firm Check Point said Monday it had detected more than 800,000 attempts to exploit the bug in the first 72 hours after it was made public. “It is clearly one of the most serious vulnerabilities on the Internet in recent years,” the company said in a report. “The potential for harm is incalculable.”

Who is affected by the Log4j vulnerability?

Log4j is a widely used solution, so it is very difficult to know how many servers, devices, products or services use it and how many could be affected by this flaw. For now, in addition to Minecraft, other security reports also include the servers of companies such as Amazon, Twitter, Apple, Valve and Cloudflare.

Generally speaking, any consumer device using a web server could run Apache, which, in addition to computers and smartphones, is widely used in devices such as smart TVs, DVR systems, and security cameras.

The flaw is potentially dangerous, due to the widespread use of the Log4j logging library in all kinds of business and open source software, said Jon Clay, vice president of threat intelligence at Trend Micro.

The logging library is popular, in part, because it is free to use, but its free use comes with some drawbacks, such as the fact that only a few people are responsible for its maintenance, while paid products often have large security and software development teams behind them.

It is now up to affected companies to patch their software before something serious happens. The bad news is that even though the patch already exists, it could take hours, days, or even months to implement, depending on the company.

By Monday, companies such as IBM, Oracle, AWS and Microsoft had issued advisories alerting their customers to the bug, describing their progress on patches and urging them to install related security updates as soon as possible.

Faced with this problem, users can do little more than update their devices, software and applications when companies make patches available to fix the flaw. However, there are a large number of old devices connected to the internet which, because of their software versions, no longer receive updates, so they will remain vulnerable.

Cybersecurity firm Sophos said that evidence of malicious cryptocurrency mining operations has also been found, where cybercriminals try to use the vulnerability to their advantage. Crypto mining attacks allow cybercriminals to take control of a targeted computer with malware to mine cryptocurrency.

Trend Micro’s vice president of threat intelligence believes that given the catastrophic effect the flaw is having on so many software products right now, companies should think twice before using free software in their products, as it is certain that with free software, these types of errors will continue to occur in the future.