If you haven’t heard yet, a major software vulnerability has been detected that could affect hundreds of millions of products — from medical devices to doorbell security cameras and critical infrastructure – that run on Windows, Linux, Apple’s macOS software platforms.
The Log4j vulnerability, which exploits a software component widely used in many products and applications, could make millions of companies using affected applications susceptible to ransomware and other costly cyberattacks. The reasons for the vulnerability are extremely technical but the solutions are not.
If your vendors send you a software patch for their applications or devices, Patch It! (But first make sure it’s actually from your vendor, not some fraudster trying to take advantage of current events by sending malicious code through fake updates! Use the same techniques you would to guard against phishing attacks—look for misspellings and typos and other signs.)
Those who have completed our Cyber Readiness Program know that keeping software up-to-date is one of our four core pillars of good cyber hygiene and cybersecurity protection. Over the next several weeks, you may be inundated with automated software patch requests, don’t ignore them.
They are extremely important and vital to protect your business, customers, partners, and employees.
For more resources about how to manage automatic software updates and patches, you can find more information at: https://cyberreadinessinstitute.org/starter-kit/