The Internet’s biggest players are all affected by critical Log4Shell 0-day



The list of services that are vulnerable to a critical zero-day vulnerability in the open source Log4j logging utility is immense and reads like a who's who of the biggest names on the Internet, including Apple, Amazon, Cloudflare, Steam, and Twitter.

The Log4Shell vulnerability, which was discovered on Thursday, was exploited to execute malicious code on servers and clients running Minecraft, the world's bestselling game. It became clear that there are thousands of big-name services that can be felled by similar attacks.

Some of the world's most popular and trusted cloud-based services react when they are fed parameters used in an attack, as a set of images shows.

The tests shown in the images use a Domain Name System (DNS) leak detection service called dnslog.cn to see whether the target cloud service performs a DNS lookup. The images show that the service is accepting connections from an attacker.
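The same signal is useful to defenders: lookups of names under dnslog.cn coming from your own servers are worth flagging in resolver logs. The following is an added example, not part of the original article; it assumes dnsmasq-style query logging, and the sample lines, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Callback domain named in the article; extend with others you track.
CALLBACK_SUFFIXES = ("dnslog.cn",)

# dnsmasq query-log line (assumed format), e.g.
#   Dec 10 14:02:12 dnsmasq[812]: query[A] k3f9a.dnslog.cn from 10.0.4.17
QUERY_RE = re.compile(
    r"query\[(?P<qtype>[A-Za-z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)"
)


def is_callback(name, suffixes=CALLBACK_SUFFIXES):
    """True if name equals a suffix or is a subdomain of it (label-boundary match)."""
    name = name.rstrip(".").lower()
    return any(name == s or name.endswith("." + s) for s in suffixes)


def find_callbacks(lines, suffixes=CALLBACK_SUFFIXES):
    """Return {client_ip: sorted list of callback names that client looked up}."""
    hits = defaultdict(set)
    for line in lines:
        m = QUERY_RE.search(line)
        if m and is_callback(m.group("name"), suffixes):
            hits[m.group("client")].add(m.group("name").rstrip(".").lower())
    return {client: sorted(names) for client, names in hits.items()}


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
Dec 10 14:02:11 dnsmasq[812]: query[A] updates.example.com from 10.0.4.17
Dec 10 14:02:12 dnsmasq[812]: query[A] k3f9a.dnslog.cn from 10.0.4.17
Dec 10 14:02:12 dnsmasq[812]: forwarded k3f9a.dnslog.cn to 192.0.2.53
Dec 10 14:02:15 dnsmasq[812]: query[AAAA] K3F9A.DNSLOG.CN. from 10.0.4.17
Dec 10 14:03:40 dnsmasq[812]: query[A] notdnslog.cn from 10.0.9.3
Dec 10 14:03:41 dnsmasq[812]: query[A] dnslog.cn.example.com from 10.0.9.3
Dec 10 14:05:02 dnsmasq[812]: query[A] app7.dnslog.cn from 10.0.6.20
""".splitlines()

if __name__ == "__main__":
    for client, names in sorted(find_callbacks(SAMPLE_LOG).items()):
        print(f"{client} looked up {', '.join(names)}")
```

Matching on label boundaries keeps look-alike names such as `notdnslog.cn` and `dnslog.cn.example.com` out of the results.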


Ars reader skizzerz explained that the fact that Log4j is being used here proves that the server may be vulnerable to the remote code execution attack.

The services aren't automatically vulnerable to the types of code-execution attacks that compromised the Minecraft server, even though the images show the services responding in potentially dangerous ways to the user input. These services typically have multiple layers of defense. If one layer fails, additional layers can be used to eliminate damage.

The images show that unauthorized people can exploit Log4Shell to access the servers of some of the world's most powerful corporations. Thomas Reed, director of Mac offerings at Malwarebytes, said that the access to Apple's server is worse than if individual devices were vulnerable, and that it's an open question as to what kind of data attackers are pulling from Apple's services. Apple representatives didn't reply to an email.

Cloudflare said in a post that it has taken steps to block attacks on its network. Joe Sullivan, Chief Security Officer of Cloudflare, said that his team has been unable to reproduce the behavior depicted in the image.

On Friday, there was a fix for the game.

It is too early to say that these services are not vulnerable. People should remain cautious and wait for guidance from their providers.

The image is by Jeffrey Coolidge.