This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 59%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Hi Team,
As there is a Log4J vulnerability trending recently. May I get clarifications for the below points.
1) How the Log4J vulnerability impacting my Windows hosts?
2) How can I prevent or take precautions from getting affected by Log4J?
3) Microsoft released any patches for mitigating this vulnerability?
4) does it affect any other applications released by Microsoft like MSSQL, SCCM or IIS etc.
Kindly provide the updates on this.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 73%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EUO%3C/text%3E%3C/svg%3E)
I'm seeing this in Windows Servers that run Remote Web Access or even Exchange Servers OWA; the Jar stuff is in there, its old, its being flagged as vulnerabilities; and attempts being made to exploit it. We have only MS IIS, RWA, OWA etc. installed no other 3rd party web server tools; so I can conclude that Microsoft application servers are using the L4j in Inetpub logging;
Example;
SUSP_JDNIExploit_Indicators_Dec21 C:\inetpub\logs\LogFiles\W3SVC1\u_ex211210.log
0x1710:$xr1: ldap://45.155.205.233:12344/Basic/Command/Base64/
0x1829:$xr1: ldap://45.155.205.233:12344/Basic/Command/Base64/
0x1c1a:$xr1: ldap://45.155.205.233:12344/Basic/Command/Base64/
0x1d33:$xr1: ldap://45.155.205.233:12344/Basic/Command/Base64/
Created a support case with Microsoft but response leads to their generic response page; so I'm replying back with these specific details.
To be continued.....
Hello @ABDUL SAHAD
You can find Microsoft official guide and statements here:
Hope this helps with your query,
-----------
--If the reply is helpful, please Upvote and Accept as answer--