Top Tech Companies Struggling To Patch Log4j Flaw

Tech companies such as Cisco Systems, IBM, VMware, and Splunk are still struggling to install patches that fix the Log4j vulnerability, which was recently discovered by researchers and exploited by attackers.

The Log4j flaw has been fixed by Apache. However, since many programs use the free logger, it is necessary that many organizations also prepare and install patches to prevent takeovers.

This includes other free software and programs from both big and small companies.

Currently, some technology companies, including Cisco are updating guidance several times a day, while confirming vulnerabilities, available patches, or strategies for blocking intrusion when they occur.

Based on observations and companies’ struggles to patch their systems, Kevin Beaumont, security threat analyst, explained: “Lots of vendors are without security patches for this vulnerability. Software vendors need to have better, and public, inventories around open-source software usage so it is easier to assess risk – both for themselves and their customers.”

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web