RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
Saturday, July 11, 2026
RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
Add RCR Wireless as a preferred source on Google
  • Qualcomm 6G Insights
  • Huawei Content Hub
  • Qualcomm – 6G Vision
  • OSS/BSS Channel
  • RCRTech Roundtable: AI Infrastructure
RCR Wireless
RCR Wireless
  • Advanced Mimo
  • Mobile mmWave
  • 5G Positioning
  • Green Networks
  • Metaverse
  • Automotive
  • Industrial and Wide-area IoT
Copyright 2021 - All Right Reserved
Home - Hyperscalers scramble to fix Apache Log4J 2 exploit
Telco CloudFeatured

Hyperscalers scramble to fix Apache Log4J 2 exploit

by RCR Wireless News December 13, 2021
written by RCR Wireless News December 13, 2021 Share
LinkedinEmail
Share 0LinkedinEmail
IoT security botnets network edge Salt Typhoon
Image: 123RF stock photo
154

A zero-day exploit first spotted in the popular game Minecraft has IT departments around the world rushing to update the popular Apache Java-based logging software.

Hyperscalers and others issued patches and warnings over the weekend following news of a zero-day exploit in the popular Apache Log4J 2 library. Attackers can gain full control of systems affected by the bug. Exacerbating the severity of the news, the exploit has been seen in the wild, according to reports. Hyperscalers provided guidance to customers over the weekend to mitigate the exploit and details on affected customer-facing services.

The exploit, known colloquially as Log4Shell and also as LogJam, was first noticed in the hugely popular game Minecraft. Developer Mojang Studios rushed out a patch and told users to update affected servers and systems.

“Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled,” reads the Common Vulnerabilities and Exposures (CVE) entry.

Apache Log4J 2 is an open-source logging library used in Java programming. Developed by the Apache Foundation, Log4J 2 is widely popular and used in many applications, including enterprise and cloud services. All Log4J versions between 2.0 and 2.14.1 are affected by the bug. That includes many cloud services and applications which have those versions of Log4J as a dependency. 

According to the report, this behavior has been disabled in Log4J 2.15.0 and later versions. 

Hyperscalers act swiftly on Log4J 2

Hyperscalers wasted no time getting the word out over the weekend and putting mitigation strategies in place. AWS posted a warning for its customers to let them know of the issue, encouraging those who manage environments to update to the latest version. 

AWS noted that has updated or is in the process of updating internal services which use Log4J. Those include CloudFront, its Content Delivery Network (CDN). AWS said that many services were already updated or unaffected.

Microsoft issued a response that included mitigation guidance for affected services on Microsoft Azure.

“The scope of impact has expanded to thousands of products and devices, including Apache products such as Struts 2, Solr, Druid, Flink and Swift. Because this vulnerability is in a Java library, the cross-platform nature of Java means the vulnerability is exploitable on many platforms, including both Windows and Linux,” said Microsoft.

Google said that customers of Google Cloud Armor, its network security service, can download a new Web Application Firewall (WAF) rule to detect and, optionally, block the exploit. The company also updated Google Cloud IDS, its Intrusion Detection System (IDS), has also been updated. 

Google Cloud IDS is network security software for businesses that host Virtual Private Clouds (VPC) on Google Cloud. It provides a unified interface to provide threat detection, replacing “patchwork” solutions. Last week Google released IDS in all regions. It debuted as a preview in limited release over the summer.

You Might Also Like
  • Telefónica, Google Cloud boost Spain’s sovereign cloud ambitions
  • AI fuels cloud growth past $500B, Synergy Research finds
  • Powering the future of cloud RAN with the Dell PowerEdge XR8720t
  • Calix brings agentic AI to small ISPs for easy service differentiation
  • ‘From core to edge’ — Telefónica Germany on cloud-native shift
  • Deutsche Telekom launches industrial AI factory in Munich
Share 0 LinkedinEmail
RCR Wireless News

previous post
Airspan, Padtec, Tropico ink MoU for 5G solutions in Brazil
next post
Wi-Fi 6E: ‘A spectrum update, not just a technology update’

White Papers

  • Enea White Paper: Why Intelligent AAA is the Swiss Army Knife of Telecom

  • CSG White Paper: Telco AI Enabler: Mediation’s Defining Role

  • Enea White Paper: Scalable Database Design for 5G and Beyond

  • Supermicro and NVIDIA Whitepaper: Powering sovereign AI at scale

  • VIAVI Whitepaper: RAN scenario generators and their critical role for future-proofing AI-native RAN in Advanced 5G and 6G networks

Editorial Reports

  • Report: Scaling Optical Networks For The Hyperscale And AI Era

  • Test And Measurement Market Pulse Report

  • Editorial Report: Securing telecom infrastructure for the quantum era

Webinars

  • Webinar: Building 6G — aligning technology, policy and purpose

  • SIMCom Webinar: Scaling your next deployment – from plastic to provisioning

  • Webinar: Rethinking the RAN as AI, cloud and openness converge

  • Webinar: Scale-Up, Scale-Out, Scale-Across – Building AI-Era Network Fabrics

  • Webinar: NTN in motion – evolving standards, expanding services

Since 1982, RCR Wireless News has been providing wireless and mobile industry news, insights, and analysis to mobile and wireless industry professionals, decision makers, policy makers, analysts and investors.

Facebook Twitter Youtube Linkedin Envelope Rss

Useful Links

  • Subscribe
  • About RCR Wireless News
  • Contact Us
  • Advertise
  • Editorial Calendar
  • Archive
  • RSS
  • Wireless News Archive
  • Subscribe
  • About RCR Wireless News
  • Contact Us
  • Advertise
  • Editorial Calendar
  • Archive
  • RSS
  • Wireless News Archive

Edtior's Picks

Webinar: Building 6G — aligning technology, policy and purpose
Vodafone at the heart of Euro telco reset as Iliad owner buys e&...
How operations leaders see 5G as vital for mission-critical workflows (Reader Forum)

Latest Articles

Webinar: Building 6G — aligning technology, policy and purpose
Vodafone at the heart of Euro telco reset as Iliad owner buys e& stake for $5.9bn
How operations leaders see 5G as vital for mission-critical workflows (Reader Forum)
Thursday (telco diary) | The plumbing is the product

© 2026 RCR Wireless News All Right Reserved. Developed by Eight Hats.

Cookie Policy | Privacy Policy

RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
RCR Wireless
  • News
  • Channels
    • 5G
    • 6G
    • BSS OSS
    • Carriers
    • IoT
    • Network Infrastructure
    • Open RAN
    • Private 5G
    • Telco AI
    • Telco Cloud
    • Test & Measurement
  • Resources
    • Reports
    • Webinars
    • White papers
    • AI Fundamentals
    • Analyst Angle
    • Editorial Calendar
    • Fundamentals
      • 5G NR Release 17
      • AI
        • Telco AI in 2025
    • Podcasts
      • Let’s Get Digital with Carrie Charles
      • Wireless Connectivity to Enable Industry 4.0 for the Middleprise
      • Well Technically…
      • Will 5G Change the World
      • Accelerating Industry 4.0 Digitalization
  • AI Infrastructure
  • Programs
  • Events
  • RCRtv
  • Advertise
  • Subscribe
@2020 - All Right Reserved. Designed and Developed by PenciDesign