There are a lot of headlines about an internet server exploit, the Log4j.
The problem:
Many devices, e.g. cars, fridges, mobile phones, internet servers, etc., use java's programming language. Now, if a fridge, few would worry. A car, maybe. But, if it is a server or mobile phone, what can happen is this. You do something on them. Now some of these might have a hacked version of Log4j. If so, a hacker may execute a command, e.g. to send them your account name and password.
The immediate problem is that not much can be done about it. How do you know if java is running? If so, is Log4j used? If so, what version of Log4j is used? If an old version, has it been hacked?
Solution:
None exists that is why everyone is worried.
Once the word got out, we were not worried about our systems as we do not use java much. Then it turned out that we were possibly affected so we brought down all our systems and checked them. We were okay.
We have checked our systems and they will not cause you problems with Log4j.
Also, I can tell you how to check it with a caveat that if this checking program here is hacked, you are opening yourself to a hack by running this. So only use it, if you must. I have used this on my computer, but our system administrator refuses to run it on our servers.
As such, I am recommending our clients wait and be careful.
For example, I am not doing internet banking for a few days, and then I will change some of my internet passwords.
Update:
Log4j, now it turns out to be a bigger problem as it can get into the Cpanel, which is the guts of most of the internet. So the computer does not need even to be running java.
Also since this affects older versions, you need to be on the latest version of Windows 10. Microsoft no longer gives security updates for older versions of Windows 10.
