Concerned by the Security Risk Affecting Popular Services and Apps? Here’s What We Know.

Several security researchers have recently reported a powerful software bug that could potentially affect thousands of popular websites, services, hosted apps, and even game servers—thanks to an apparent flaw that could allow hackers to compromise or take control of servers that run them. 


 Just as reported by the developers of the popular Minecraft game, this flaw potentially affects servers that run Twitter, Apple’s iCloud, the Steam gaming platform, and a growing number of others that may be vulnerable. 


One research group has dubbed the vulnerability as “Log4Shell,” and the name appears to be sticking. It involves a widely used software used to log information on servers. This software is open source, meaning it is freely available to developers. As a result,  countless organizations and businesses use it on their servers.   


While details are still evolving, researchers are acting with a proper degree of caution given the potential scope of the issue. Needless to say, the immediate level of concern remains high given the potential of the flaw to impact millions of servers, devices, and the people who use them. 


What can an attacker do with this vulnerability?  


At this early stage, a few things appear to be possible: 


A hacker could access the logs on impacted servers, gathering the information kept there. This could include any kind of information from chats, usernames, passwords, or other information, depending on what’s being logged by the website, app, or service in question.  
In some instances, the vulnerability reportedly allows hackers to execute code or functions that can compromise or even take over the targeted server. For example, there have been  concerned security affecting popular services