Log4J vulnerability – update for MJR products

As already announced by the media, there was a major security vulnerability in the Java library Log4J. Through this vulnerability, there is the possibility for cyber criminals, to hack private as well as corporate computers.

Unfortunately, our products Uploadia and the MJR XA plugin were also affected. Therefore, we would like to ask all customers with the above products to contact us via our support portal Zammad. We will provide the updated versions with Log4J 2.17. For us, the security of our products plays a major role, which is why we will always continue to update them to the current security standard.

The developers of the library have released a patch with version 2.15 (CVE-2021-44228, this number is the unique number assigned to each vulnerability discovered worldwide). A few days ago it became known that version 2.15 does not completely close the vulnerability. With the now latest version 2.17 the problems are solved (as of 21.12.2021).

If you encounter any problems during the update, our team will be happy to help you.

 

Infor ERP XA Release 10
Menü