Forum Discussion

Steven Sousa's avatar
Steven Sousa
New Contributor
4 years ago

Log4j Zero Day Vulnerability

Zero Day Vulnerability 

 

A zero day vulnerability was discovered last week that exploits a security gap in the Log4j application. 

As this vulnerability is being actively exploited, we are requesting an immediate response to the following:

  1. Do your products or services, or the third party solutions you use to deliver your products or services, use Log4j?
  2. If so, what remediation actions are you taking? Please provide a timeframe for remediation, if applicable.

 

Thank you

  • Hello Steven Sousa 

    On Friday, December 10th, a zero-day vulnerability affecting a widely utilized open-source logging tool that is part of Apache Logging Services impacted a meaningful subset of the software industry.  The security of our services and customer data is a top priority for LogMeIn and we are taking this matter very seriously. Upon becoming aware of the vulnerability, LogMeIn initiated an investigation to determine if any further action is required to mitigate against the vulnerability.  Additionally, we continue to monitor for the latest information regarding this issue with Apache to keep our software and customers safe and secure.  

     

    ** GoToMyPC no longer utilizes the Log4J logging utilities in any way. 

  • AshC's avatar
    AshC
    Retired GoTo Contributor

    Hello Steven Sousa 

    On Friday, December 10th, a zero-day vulnerability affecting a widely utilized open-source logging tool that is part of Apache Logging Services impacted a meaningful subset of the software industry.  The security of our services and customer data is a top priority for LogMeIn and we are taking this matter very seriously. Upon becoming aware of the vulnerability, LogMeIn initiated an investigation to determine if any further action is required to mitigate against the vulnerability.  Additionally, we continue to monitor for the latest information regarding this issue with Apache to keep our software and customers safe and secure.  

     

    ** GoToMyPC no longer utilizes the Log4J logging utilities in any way.