To: DW® Customers
Date: December 13, 2021
Re: Log4J Logging Framework Concerns
Log4J (JAVA) Framework Exploit Concerns
This past Friday (12/10/2021), a severe vulnerability existing in Log4J, a widely used Java-based logging library developed by the Apache Software Foundation, was discovered to enable code injection on affected servers.
This technical bulletin is to inform you that the DW Spectrum VMS suite does not use JAVA and is not vulnerable to the Log4J zero-day exploit.
The DW Spectrum VMS suite consists of:
There are tools online that can be used to check your system for vulnerabilities, such as the Log4J exploit. However, in the case of DW Spectrum, a false positive may instead appear as a “log4js” detection, which should not be mistaken by users as a vulnerability.
More information on this vulnerability can be found here:
Request Form: https://digital-watchdog.com/contact-tech-support/
Rev: 12/21 Copyright © DW. All rights reserved. Specifications and pricing subject to change without notice.