7/19/2023 0 Comments Vmware horizon onlineThe Log4J scenario to some is a non event, but when we look at this at scale and when we look at certainly technology stacks it has really serious poential for negative impact. To be blunt, the intel we are getting is changing very rapdily from both a threat and vulnerability perspective. The constant phrase with log4shell is “dynamic and evolving”. I’m going to be vaugue here on purpose, mainly because I’m not omnipotent and the scale of the challenge here is significnatly large that it’s subject to change. In Decemebr a critical vulnerability (created by a feature request) in Log4J was discovered (named Log4Shell), unveiling the reality that an enormous amount of products may be vulnrable to a relativley simple remote code execution vulnerability (which includs a huge range of internet facing systems, such as vmware horizon). Once you have checked, run a backup, then if they aren’t patched, patch the servers! (i know patching isn’t as simple as just patch!) Introduction It’s crude so also look for the modified timestamps, recent unexpected blast service restarts and if you have process logging go and check for suspicious child processes over the period. Go and run this on the connection servers:
0 Comments
Leave a Reply. |