In early December a cybersecurity threat was discovered with the popular «log4j» utility. The Post has a good piece on the exploit, explained in non-jargon.
The fact that log4j is such a ubiquitous piece of software is what makes this such a big deal. Imagine if a common type of lock used by millions of people to keep their doors shut was suddenly discovered to be ineffective. Switching a single lock for a new one is easy, but finding all the millions of buildings that have that defective lock would take time and an immense amount of work.
Check It Out: Explaining ‘log4j’ and Why it’s a Serious Cybersecurity Threat
Andrew:
Happy Winter Solstice day.
That was a sobering read. The core relevant advice from the piece, ‘The best thing regular computer users can do is make sure the apps they use are updated to their most recent versions, Malik said. Developers will be sending out patches over the coming days to fix any log4j issues, and downloading those quickly will be important.’, is sage advice.
I’ve heard rumours that Apple have patched up vulnerabilities on their cloud services, however I don’t think I’ve seen anything in writing from a credible source.
If you have any further updates on Apple-related products and services, please post.
Cheers.