The Log4j vulnerabilities have affected millions of devices and services, causing massive chaos worldwide. While Apache continues to develop and release mitigations, security providers are doing their part. Microsoft has also updated its Defender solution to give users more information.
Checking installed Log4j version
The latest update gives Microsoft Defender the ability to detect and counter Log4j vulnerabilities automatically. Defender can now monitor for the vulnerabilities continuously. It can identify Log4j library components and flag installed software that uses a vulnerable Log4j version. The update also adds a new schema named DeviceTvmSoftwareEvidenceBeta, which surfaces file-level findings from disk so that users can correlate them with additional context.
These new features are included in Microsoft Defender for Endpoint, Microsoft Defender for Containers, and Defender 365. They are also available on Windows 10 and Windows 11, and Windows 2008, 2012, and 2016 can use the same capabilities. In addition, Linux users can get the latest enhancements by updating Defender for Linux to 101.52.57 (30.121092.15257.0).
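To show what a file-level Log4j finding looks like, the following added example (not Microsoft's code, and not a description of how Defender works internally) walks a directory, opens JAR/WAR/EAR archives including nested ones, and reports each log4j-core version found in the Maven `pom.properties` metadata. The sample archives are constructed, and the `2.17.1` threshold is an assumption to replace with the version your current advisory requires.

```python
import io, os, re, tempfile, zipfile

# Maven metadata carried by an unmodified log4j-core JAR; shaded builds may lack it.
POM = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVES = (".jar", ".war", ".ear")

def read_version(text):
    """Return the version= value from pom.properties text, or 'unknown'."""
    m = re.search(r"^version=(.+)$", text, re.M)
    return m.group(1).strip() if m else "unknown"

def is_below(ver, minimum):  # numeric parts only; 'unknown' sorts lowest so it is reviewed
    key = lambda v: tuple(int(n) for n in re.findall(r"\d+", v.split("-")[0]))
    return key(ver) < key(minimum)

def scan_archive(src, label, findings, depth=0):
    """Append (location, version) for log4j-core in src and in nested archives."""
    try:
        zf = zipfile.ZipFile(src)
    except (zipfile.BadZipFile, OSError):
        return  # not a readable archive
    with zf:
        for name in zf.namelist():
            if name == POM:
                text = zf.read(name).decode("utf-8", "replace")
                findings.append((label, read_version(text)))
            elif name.lower().endswith(ARCHIVES) and depth < 3:  # bound nesting
                inner = io.BytesIO(zf.read(name))
                scan_archive(inner, label + "!/" + name, findings, depth + 1)

def scan_tree(root):
    """Walk root and return sorted (location, version) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            if fn.lower().endswith(ARCHIVES):
                path = os.path.join(dirpath, fn)
                scan_archive(path, path, findings)
    return sorted(findings)

def demo(minimum="2.17.1"):  # assumed threshold; take it from the current advisory
    """Scan a constructed tree: a WAR with a nested old JAR, plus a newer JAR."""
    with tempfile.TemporaryDirectory() as root:
        old = io.BytesIO()
        with zipfile.ZipFile(old, "w") as z:
            z.writestr(POM, "version=2.14.1\n")
        with zipfile.ZipFile(os.path.join(root, "app.war"), "w") as z:
            z.writestr("WEB-INF/lib/log4j-core-2.14.1.jar", old.getvalue())
        with zipfile.ZipFile(os.path.join(root, "log4j-core-2.17.1.jar"), "w") as z:
            z.writestr(POM, "version=2.17.1\n")
        return [(os.path.relpath(p, root), v, is_below(v, minimum)) for p, v in scan_tree(root)]
```

Calling `scan_tree()` on a real application directory returns the same `(location, version)` pairs; the `!/` separator marks an archive nested inside another archive.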