What did Smartbooqing do when the vulnerability was reported?
As soon as NCSC reported a serious vulnerability in Apache Log4j, Smartbooqing started to investigate the software and hardware affected by the vulnerability. We performed an initial impact analysis, using the vulnerability information published by vendors, to determine whether any of our infrastructure components were affected.
Which concrete actions have been carried out by Smartbooqing?
Actions performed by Smartbooqing are as follows:
- Checking our systems for the vulnerability
- Implementing the Apache Log4j update wherever necessary
- Informing our sub-processors about the vulnerability and obtaining their assurance on the fixes
- Ensuring that our production, test and development environments are scanned
This assessment showed that, because we use Microsoft technology and do not use Java components in mainstream development (apart from the PEPPOL infrastructure), we are already clear of the vulnerability.
What are the current steps?
We are monitoring and verifying with our sub-processors, such as the hosting service provider, whether all patches and fixes have been completed and the infrastructure is clean.
We continue to check the operations team's end-user nodes for the vulnerability, as we did for the rest of the environments.
Are you sure the production environment is not vulnerable?
Based on the information available from several software vendors and the scanning we carried out with critical priority on the production environment, that environment is unaffected as far as we know. Of the software we use, only Elasticsearch was on the list of vulnerable software published by vendors, so it has already been updated to be on the safe side. Also, our Elasticsearch service is not internet-facing and is used internally, so it was already safe.
Our hosting provider has also confirmed that, as of now, they have found no impact on our environment.
Has the vulnerability been exploited already?
During our investigation we did not find any evidence or patterns of the vulnerability being exploited, so to our knowledge the vulnerability has not been exploited in our environment.
Are you sure that the vulnerability has not been exploited on other systems or sub-processors?
Based on the current information, there is no indication that the vulnerability has been exploited on other systems or at our sub-processors.
Is there anything I can do myself?
Smartbooqing is a SaaS solution, so we do not deliver desktop software other than the Smartbooqing Account View Connector, which is used to communicate with the Account View desktop software. If you have the Account View Connector and you use any of the vulnerable software reported by NCSC, we suggest you scan your system for the vulnerability so that your environment remains safe.
It’s always good practice to:
- Keep your passwords safe
- Keep your passwords strong
- Not share your credentials with others
- Change your password frequently
- Stay alert to phishing emails and apply spam policies
- Not open emails from unknown senders or click on any unknown links inside an email
Stay safe!