We're Hiring!
Take the next step in your career and work on diverse technology projects with cross-functional teams.
LEARN MORE
Mountain West Farm Bureau Insurance
office workers empowered by business technology solutions
BLOG
12
22
2021
1.28.2022

Lunavi Response to Log4j Vulnerability

Last updated:
12.23.2021
1.28.2022

On Friday, December 10, 2021 the vulnerability CVE-2021-44228 -- commonly referred to as log4j -- was initially published and Lunavi initiated its emergency response plan. Shortly after the initial release additional vulnerabilities were identified: (CVE-2021-45046) on December 14th and (CVE-2021-45105) on December 18th.  

Since these initial releases, multiple bad actors have begun to focus their efforts on this evolving threat, which is expected to be given the highest CVSS score of 10. The extent to which the affected Java-based software is integrated into everyday technologies and platforms is still being discovered and released daily.

Lunavi has completed an initial assessment of all systems, vendors, and related technologies. We will continue to review and monitor all systems as more information continues to be released. We have already taken proactive actions and executed emergency procedures to implement vendor-related workarounds and/or patches if available and removed systems from the network that could not be immediately remediated.

We will continue to communicate with our vendors, monitor the situation, and be prepared to execute any additional updates that may be released or take further remediation action upon relevant information being released.

Additional information related to this vulnerability can be found by visiting the following sites:

If you have any additional questions, please do not hesitate to contact our support department support@lunavi.com.

Recent Blog Posts

lunavi logo alternate white and yellow
2.15.2022
02
.
15
.
2022
Service Changes Coming to Microsoft 365 & Office 365

The NCE offers new subscription terms including 12-month and 36-month plans priced lower than monthly contracts. In addition, it is easier to add seats, cancellation policies are more consistent, and there are two promotional options to lock in a better rate for your current renewal. However, the mandatory new plans do include price adjustments.

Learn more
lunavi logo alternate white and yellow
1.28.2022
01
.
21
.
2022
Automate Your Cloud with Azure Bicep

Azure Bicep is a great way to implement Infrastructure as a Code to automate the provisioning of Azure resources. In this post, I’ll get you started by describing how Bicep language works as well as key differences and similarities between Bicep and ARM Templates.

Learn more
lunavi logo alternate white and yellow
1.28.2022
12
.
22
.
2021
Lunavi Response to Log4j Vulnerability

The log4j vulnerability is affecting many Apache systems. Learn how Lunavi is responding to this ongoing threat.

Learn more