This past week, a significant security flaw has threatened much of the Internet. If you’re in charge of anything on the Internet that uses Java, you’re dealing with the ongoing Apache Log4j zero-day flaw or vulnerability saga.

Monnit uses Microsoft .Net with Internet Information Services (IIS) Windows® Server and SQL Server for our application stack. So you can rest easy knowing, the servers hosting our applications don’t require patching of the Log4j flaw as they’re Microsoft Windows-based, not Java-based.

As we know, the current Java security threat is defined as the Log4j vulnerability that impacts open-source logging software for developers to know how their programs run. Cyberattackers are exploiting Log4j to hijack computers and networks using it. Patches are being released for vulnerable software.

At this time, Monnit customers should be aware that the network and Internet infrastructure supporting Monnit and iMonnit servers and software still show no indicators of compromise.

 

Brandon Young
Vice President of Information Systems at Monnit