The current situation
The AUAS and UvA have taken a number of measures to prevent malicious parties from taking advantage of this vulnerability, for example by updating our software to a version that is resistant to it and by continuously monitoring our systems and applications for potential exploitation.
Have you installed software on your ICT workstation yourself, and/or are you using a self-managed device?
Please make sure to always use the latest version of the software that you have installed. The websites of the suppliers of this software show what the latest version is. Please keep checking for new updates in the coming weeks, as we have noticed that software suppliers have regularly updated their software since this vulnerability was discovered. Please also stay alert when it comes to phishing e-mails. For tips, see your AZ list > Security > Phishing and ransomware.
Have you run into anything suspicious?
During office hours: please contact Servicedesk ICT Services via email@example.com or by phone via 020-525 1402.
Outside of office hours or in case of a critical security incident: please contact CERT directly via CERT@uva.nl or via 020-525 3322.
Please indicate the following:
- which software this concerns;
- what your findings are.
The CERT will then contact you to determine whether this concerns the vulnerability and, if so, how to deal with it.
If you have any questions regarding this vulnerability, please contact Servicedesk ICT Services.
What is happening?
A critical vulnerability was discovered in Apache Log4j. This is software that is often used in web applications and a number of other systems, including systems of the AUAS and UvA. The National Cyber Security Centre has confirmed that this vulnerability is actively being exploited by malicious parties. Such exploitation has also been detected in higher education. To prevent the AUAS and UvA from becoming targets of such exploitation, the Computer Emergency Response Team (CERT) and ICT Services have taken multiple precautionary measures.