Skip to content

Log4j zero-day vulnerability

Here's what you need to know about CVE-2021-44228, or Log4Shell, and what you can do about it.

Try Tanium free Get your risk score

Your organization’s IT environment could be at risk.

First reported on December 9, 2021, the Apache Log4j vulnerability is one of the most serious vulnerabilities on the internet in recent years, putting millions of devices at risk. Here’s what you need to know.

1

It could be on any device

Log4j is widely used on Windows, Linux, Mac, IoT, home devices, etc.

2

It could be anywhere on disk

Log4j is commonly renamed and repackaged, meaning the vulnerability can be present anywhere.

3

It is exploited in real time

Log4j has been targeted in 800,000+ attacks within 72 hours of the vulnerability publication.

4

It could cost you

The Federal Trade Commission plans to pursue companies who don't remedy the Log4j vulnerability.

"One of the most serious [vulnerabilities of my] entire career. If not the most serious. . . We expect the vulnerability to be widely exploited by sophisticated actors, and we have limited time to take necessary steps in order to reduce the likelihood of damage." — Jen Easterly, CISA Director

Quickly find and fix your Log4j exposure

Watch this 4-minute video to learn more about this vulnerability and how Tanium can help customers and partners identify, investigate and remediate it.

Try Tanium free

Know everything now

Enable your IT team to quickly identify vulnerable instances of the Apache Log4j utility, search for references to the impacted library in common file formats and detect instances of exploitation.

Fix it fast

Upon detection, triage and promptly remediate exposure to the Log4j vulnerability by notifying application owners, applying recommended patches or conducting deeper investigation.

Take control

Keep Log4j — and yet-to-be-discovered vulnerabilities — at bay by continuously enforcing compliance through managing patches, software updates and configurations at scale.

Black RingPower logo

“Tanium Reveal has been critical to us in responding to Log4j. Nobody else was able to search for references to the impacted library in common file formats and detect instances of exploitation. With Tanium, we accomplished in 30 minutes what would have taken months.”

Kevin Bush VP of IT Ring Power Corp.

“Much to our surprise, Tanium made us aware of many endpoints that were vulnerable to Log4j through user-installed tools and applications we weren’t aware of. Additionally, it helped us identify servers and appliances that had embedded Apache which may have otherwise been overlooked or left unprotected.”

Steven Blankenship Director of IT Salisbury University

“Tanium is quickly becoming our most indispensable tool for operations. It has answers for questions in real time, that without Tanium we would be scrambling to figure out. The ability to gather information, expose and remediate vulnerabilities quickly like Log4j has been invaluable. It’s given us confidence that our organization is secure.”

Jerry Delgado IT Director of Infrastructure & Security United Automobile Insurance Company

Think you're exposed?

We can help. Tanium can quickly find vulnerable instances, identify signs of exploitation, and mitigate or patch those instances. Try Tanium free today or watch our webinar to learn more.

TRY TANIUM TODAY Get your risk score

Good enough isn't good enough when it comes to Log4j

Tanium can help you scan, search and hunt down Log4j exposure you didn't even know existed. These modules give you a starting point, narrow down the search and pinpoint exact locations of Log4j.

Read our full guidance

Interact

Included with Tanium Core

What is it?

List of applications installed in plain sight on your endpoints

What does it do?

Great for understanding the IT estate, counting software licenses and serving as a starting point for your Log4j hunt

Why does it matter?

Immediately gain visibility into your IT environment

Index

Included with Threat Response

What is it?

List of unique filenames and folders on your endpoints

What does it do?

Great for searching known file names and hashes and locating the paths of those files

Why does it matter?

Search deeper and quickly find Log4j by name in known file folders

Reveal

What is it?

Indexed search of every folder, file and its contents

What does it do?

Great for uncovering hidden instances of Log4j. Reveal can spot traces of Log4j inside nested or renamed files and archived folders (e.g., .jar, .zip, etc.) as well as references to Log4j inside file content

Why does it matter?

Log4j has nowhere to hide even when a file name has been changed — maliciously or by design

On day zero and beyond, check back for the latest resources and guides on Log4Shell

Community

How Tanium Can Help with CVE-2021-44228: Log4Shell

Read this step-by-step guide on using Tanium to identify the Log4j vulnerability and signs of exploitation in minutes.

Learn more
blog

What is Log4j and How Do I Protect My Organization?

Few, if any, software flaws have recorded a CVSS score of 10.0. Unfortunately, Apache has saved the worst till last.

Read more
blog

A Letter to CEOs on the Log4j Vulnerability

From our CEO to yours: Let us help you solve Log4j, and protect you when the next one inevitably comes.

Read more
Webinar

Log4j Vulnerability: How Tanium Can Help

In this webinar, you'll discover what you need to know about CVE-2021-44228, or Log4Shell, and what you can do about it.

Watch now
Architect Tomorrow

Log4Shell Fix with Tanium

Oliver Cronk, Tanium's Chief IT Architect, speaks on Log4j — why it's so serious, why it's so hard to track down and control, and how the Tanium platform finds and closes down this issue for customers.

Watch now
Go-Tanium Series

Go-Tanium Tech Talks: The 411 on Log4j: Tanium Reveal

How do you crawl files in the enterprise looking for a single string like "Log4j" in seconds? See how a free trial of Tanium can grant you rapid visibility into the latest threats on today's Go-Tanium Tech Talk.

Watch now
Article

The Log4Shell Hack Proves 2021 Is Not Yet Done With Us

This year has seen some of the worst cyber hacks in history. Here's what we need to learn from them.

Read more
Article

Taming Supply Chain Risks in the Wake of the Log4j Vulnerability

The latest cyber bug shows how a lack of visibility into third-party software continues to plague organizational networks. Here's how you can protect yourself.

Read more
Article

CISA: Federal Agencies Must Urgently Patch Log4j Vulnerabilities

CISA sent out an emergency directive December 17, 2021, requiring federal agencies to immediately patch their networks for the Log4j vulnerabilities.

Read more
Go-Tanium Series

Endpoint Explorers: Log4j and How to Secure an Enterprise

Endpoint Explorers explore Log4shell. From Minecraft to enterprises, join us and special guest in this special Log4shell episode.

Watch now
Article

Log4j Vulnerability: CISOs Face 2022 in Crisis Mode

Organizations must immediately protect computer systems from accelerating hacks. That means new patches and a more customized approach to patching overall.

Read more
Article

6 Cybersecurity Priorities for 2022

The FTC plans to pursue companies that fail to patch the Log4j vulnerability. For CISOs, that's just one concern.

Read more
Go-Tanium Series

Go Tanium Tech Talks: Log4j and Beyond

The initial shock of Log4j is over, but the work is far from over. Hear stories of how and what we're finding in the field, and then review best practices to monitor for future threats... beyond Log4j.

Watch now