The Log4j Vulnerability: Patching and Mitigation

Показать описание

In this video walk-through, we covered how to patch and mitigate the Log4j vulnerability using Apache newly released guidelines. We used lab material from TryHackMe.
********
Receive Cyber Security Field Notes and Special Training Videos
********
Written Walk-through
******************
More resources on patching the log4j
********
Mitigation
LOG4J_FORMAT_MSG_NO_LOOKUPS
**********
Google Profile
LinkedIn
Instagram
Twitter
Facebook

Рекомендации по теме

Комментарии

Thank you Motasem making informative video. This channel is so much underrated. Needs more subscribers and viewers.

samirshaikh

My understanding is that the version 2.16 is not sufficient as a solution as it allows for denial of service attacks, so 2.17 is the current recommendation. This video is very well explained and helpful, thanks!

drakezen

Hi I am new in here, I have read your comment below but don't understand, what do you mean no delete but just copy and replace?
Say currently the application is using 2.14 core, and I copy the 2.17.1 core in the same folder, but don't delete the 2.14 core and keep it there?? And any configure do we need to adjust after replace the .jar files?

louisasdo

Hi, can u plz provide note on updating from 2.11.1 to 2.17.0 log4j for Linux elasticsearch

jayrawani

Thank for uploading this, really informative, just one question, I am very much curious and interested to know more about this I mean, If there's a Possibility that you could guide me where I could get the code of a web application that uses log4j's vulnerable version and patched one, it would be great cuz as a developer and pentester I would really wanna inspect if for understanding purposes .. and thanks again,

UmairAli

How to replace those files with new file if we have downloaded on same server
Can we do it at once

private

Can you please provide the notes or please tell me how to get the notes

ramenpradhan

The Log4j Vulnerability: Patching and Mitigation

The Log4j Vulnerability: Patching and Mitigation

How to mitigate Log4j vulnerability | Example | log4j 2.17 | step by step update | imp links #log4j2

Patching UniFi Against The Log4J CVE-2021-44228 Vulnerability

Log4J Vulnerability (Log4Shell) Explained - for Java developers

Log4J - CVE 2021-44228 (Log4Shell) - Exploitation & Mitigation

How to fix the Log4j vulnerability on Windows Server

Log4j vulnerability explained

Log4J Exploit Explained: How it Works, In-Depth Examples, Mitigation, etc. | Log4Shell Vulnerability

Understanding the LOG4J Vulnerability: Risks and Prevention Tips!' -Covered By ‎@MaloyRoyOrko

The Log4j Vulnerability Exploit Explained

Log4j Vulnerability | How to protect your Systems and Servers from Log4j | Fix this ASAP!!!

Log4j (CVE-2021-44228) RCE Vulnerability Explained

Logs on Fire? | Log4j Vulnerability | How to remediate them ASAP? | Tech Primers

How to Fix Log4j Vulnerability? (Windows, Mac, and Linux)

[EN] VMware: How to detect the Log4j vulnerability on vCenter with Runecast, and how to patch it

Fix log4j2 vulnerability | log4j2 issue | log4j2 Fix | CVE-2021-45046 | All about log4j2 |okay java

The right steps and actions to help mitigate Log4j Vulnerability Exploit

Apache Log4j: The Exploit that Almost Killed the Internet

How To - Use Vulnerability Response to identify and remediate the log4j vulnerability

How to mitigate the Log4j vulnerability on Windows servers for Fastvue Reporter (the correct way!)

What is the Log4j Vulnerability and How to Protect Against It

How to find Log4j version | step by step log4j update | Example | log4j vulnerability fix #log4j

Patching UniFi AGAIN To 6.5.55! This Time The Log4J CVE-2021-45046 Vulnerability

Log4Shell Apache Vulnerability: What to Know and What to Do