There is a logging library that is used extensively throughout the Technology industry. It has gotten a security rating of 10 which is very very rare…i personally have not heard of one during my nearly 30 years in this industry. You can see the looooong list of companies hit by this using this Google Search.
As far as ETC Maryland goes, we are NOT vulnerable to this exploit. We do not use any software that uses this library and are therefore not vulnerable to this issue. WordPress does not use any components of java so sites hosted by ETC Maryland are not vulnerable in their base configuration. Some of the more notable vendors that are vulnerable are:
- Steam
- Icloud
- Minecraft
- CPanel hosting panel
- Unfi networking
- Cisco
- Fortinet
There’s a running list on github but to be frank, the list of announcements of security issues among vendors is coming in too fast to keep up. Simply put, if your software has java in it(not JavaScript) it’s vulnerable. If you have any questions please contact us to make sure your systems and software is properly audited and the patched against this vulnerability.