Log4J Zero-Day Vulnerability

Aatrix Software, Inc. 

RE: Log4J Zero-Day Vulnerability

On Friday, December 10, 2021, the world found out about vulnerability CVE-2021-44228 in the Log4J Java component.  That component is commonly installed on Web servers and Java application-based systems and servers to log or write system messages and other messages to the computer.  

This particular vulnerability has been rated a 10.0 out of 10.0 regarding the dangerous abilities that this vulnerability poses to computer systems and its ease of being exploited.  

After exhaustive scanning and searching of the Aatrix Software, Inc. network, we can state that:

  • No servers contain the vulnerability that receive or process customer data
  • No servers contain the vulnerability used for customer management
  • No desktop computers used by members of the Aatrix team contain the vulnerability
  • No components of our network used at Aatrix for both customers and team members contain the vulnerability
  • No software deployed to our customers contains the vulnerability

In summary, after searching through thousands of servers, computers, network components, and software code modules, Aatrix Software, Inc. is not susceptible to the Log4J Vulnerability (CVE-2021-44228).  Furthermore, Aatrix has put security measures in place to prevent this vulnerability from ever coming into our systems.  

The safety and security of our customer data is the top priority of Aatrix.  We will continue to scan and monitor for this vulnerability.  Aatrix utilizes several independent companies to scan our systems as well as perform scans in-house. 

Aatrix IT and Security Team