Security Update: Apache log4j
On 9th December 2021 it was confirmed that there are critical vulnerabilities in the Apache log4j product.
Log4shell is a critical vulnerability in the widely used logging tool Log4j, which is used by millions of computers worldwide running online services. A wide range of people, including organisations, governments and individuals are likely to be affected by it.
These vulnerabilities allow an attacker to remotely exploit arbitrary code on a vulnerable server. The attack is trivial to exploit and works without the need for any authentication. It is currently being actively exploited.
Protection and mitigation at firewall level
Since the discovery we have carried out a full internal review of the infrastructure and all products and services that could be at harm.
We can confirm that Forfront does not use Log4j currently nor has in the past.
We would like to reassure all our customers that our operation and security teams have responded quickly to protect our network and infrastructure against this vulnerability.
We are committed to a strict and rigid regime of processes, procedures and have the resources required to ensure that the e-shot platform and the Forfront business as a whole, are protected to the highest standard.
If you have any questions, please contact our Customer Success team.
Email marketing healthcheck
We are confident that we can help you, which is why we offer a free healthcheck to identify potential issues with your current programme and free advice on things that could be done to improve it.