Additional Information regarding potential vunderabilities. Specifically Log4j

Brian Warriner

We use Camtasia and SnagIT for training purposes. We run it from individual PCs or Laptops. Can you provide me information on what is being asked below? Current version we are on is 2021.

Additional Information

Camtasia

Snaggit

The following are acceptable mitigation activities

  • Work with the application vendor and/or OEM to identify recommended steps to remediate or mitigate vulnerability
    • Ensure Log4j version and mitigation timeline is documented in spreadsheet
  • Focus on DMZ and Internet facing systems first, then devices accessible via B2B VPN, and finally other internal network systems.
  • If possible, apply latest patches for Log4j (version 2.17.0) provided by Apache.
  • Other possible mitigation activities:
    • Restrict outbound connections from any potentially vulnerable server to only known-good locations
    • Delete the Log4j library from application code base
    • Remove the JndiLookup class file from the class path

 

Thanks,

 

Brian Warriner, Health First, Inc. 321-434-5589

0

Comments

0 comments

Please sign in to leave a comment.

Didn't find what you were looking for?

New post Create a ticket

Didn't find what you need?

Community Support

Visit Community Site

Looking for tutorials?

Product Tutorials

Lost Software Key

Key Lookup Tool