Getty Images

The publicly funded UK healthcare system warns that criminals are actively exploiting the high-level Log4Shell vulnerability on servers running VMware Horizon to install malware that allows them to gain complete control over affected systems.

CVE-2021-44228 is one of the most serious security vulnerabilities to come to light in recent years. It resides in Log4J, a system logging code library that is used in thousands, if not millions, of third-party applications and websites. This means that there is a huge base of vulnerable systems. In addition, the vulnerability is extremely easy to exploit and allows attackers to install web shells that provide a command window for executing highly privileged commands on hacked servers.

The remote code execution bug in Log4J was discovered in December after exploit code was released before a patch was available. Malicious hackers quickly took action …



Source link

Leave a Reply