Post Syndicated from Backblaze original https://www.backblaze.com/blog/system-maintenance-update-log4j-vulnerability/

As you may be aware, a vulnerability was publicly announced recently relating to Log4j, a common logging library widely used by companies around the world.

Our first priority was to make sure our customers’ data is protected and our environment is secure. So, when we learned of this vulnerability affecting Apache Log4j, our security, technical operations, and engineering teams quickly pulled together to establish a protocol for achieving our primary directive.

What is the Log4j vulnerability?
As reported by ArsTechnica, a zero-day vulnerability was discovered in the Apache Log4j logging library that enables attackers to take control of vulnerable servers. Log4j is widely used, by everything from Minecraft to iCloud to the National Security Administration, and the Cybersecurity & Infrastructure Security Agency (CISA) urged users to apply patches immediately to address the vulnerabilities.

What actions have we taken?
On Friday, December 10 at approximately 4:30pm PT, Backblaze took services offline in order to protect customer data and roll out security patches across all our systems to address the vulnerability.

12/11/2021 1:05am PT update: Systems are coming back online. While our teams work diligently to bring everything up, you may experience continued service disruptions. Thank you for your patience.

12/11/2021 02:58am PT update: Systems are back online and functioning normally. If you are experiencing any problems, please reach out to our Support Team: https://help.backblaze.com/hc/en-us/requests/new.

The post System Maintenance Update: Log4j Vulnerability appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.