What is Log4J?
Log4J is a piece of free, open source software written in Java that is used by thousands of websites and business applications around the world.
Due to its widespread use millions of internet users have been put at risk as it’s security vulnerability has opened the door for targeted acts where hackers can:
- steal sensitive information;
- take control of systems; and
- install malware on a user’s computer.
However, this is only for users that are interacting with the affected website or application.
The problem is that Log4J is everywhere. Big business such as Apple iCloud and Amazon Web Services have been affected by the Log4J security vulnerability, but they aren’t the only ones.
Who is affected?
Essentially, any business or website that uses Java or Log4J is at risk.
Is the GiveEasy platform affected?
Luckily for GiveEasy users, we do not use any Java or Log4 dependencies. This means we are not affected by this security risk.
If you are a GiveEasy user you do not need to worry about the Log4J and Log4Shell security vulnerability on our platform.
We strongly encourage you to talk to all your service suppliers to check if they use Java and Log4J.
If they do it’s important to ask:
- what your current risk exposure is;
- what are you doing to patch the Log4J security vulnerability; and
- what I need to do as a charity, if anything.