Software flaw 'Log4Shell' may be worst computer vulnerability in a decade

In what may be the worst computer vulnerability found in years, the flaw, which is dubbed “Log4Shell”, is risking several organisations around the world.  

The critical vulnerability, which is present in a widely used software tool, is emerging to be a major threat.  

The vulnerability, which was unearthed in an open-source logging tool, is present in cloud servers and enterprise software used by numerous industries and governments.   

Also Read: Apple briefly stopped selling its products in Turkey, but why?

Unless fixed, it may grant miscreants an easy access to internal networks, which can result in loss of valuable data, deletion of crucial information, etc.  

It can be a boon for spies, criminals and programming novices. Adam Meyers, senior vice-president, intelligence, cybersecurity firm Crowdstrike, said, “The internet is on fire right now. People are scrambling to patch and all kinds of people scrambling to exploit it.”  

Also Read: Songs by virus: Company selling COVID-19 sound for NFT

As it is already installed on millions of servers, anyone with the exploit can get full access to an unpatched computer, which uses the software.  

Located in an open-source Apache software, which is used to run websites and other web services, the vulnerability was reported to the foundation on November 24 by the Chinese tech giant Alibaba. In two weeks, a fix was developed and released.  

The real complicated task is the patching of systems around the world.  

(With inputs from agencies)