Pure AV are aware of the Apache Log4j critical vulnerability (CVE-2021-44228) and have taken swift action with an immediate security audit to evaluate our systems against the vulnerability.
Based on the list of applications in operation by Pure AV and further to our investigation, Pure AV do not appear to be impacted by the vulnerability at this time. However, if this changes please rest assured we will remediate the issue as soon as possible.
We will continue to evaluate our partners, monitor our systems and deploy security measures to address any potentially vulnerable systems.
More information about the vulnerability can be found at ncsc.gov.uk.
Current updates and awareness statements from some of our key vendors and manufacturers can be found on the following links:
QSC - https://www.qsc.com/support/security-vulnerabilities/
Crestron - www.crestron.com/Security/Security_Advisories
Extron - www.extron.com/featured/Security-at-Extron/extron-security
Logitech - blog.logitech.com/2021/12/14/log4j-vulnerability/
StarLeaf - starleaf.com/resources/standby-blog/log4shell-response/
Pure AV takes the security and safety of our systems, products and customer's data very seriously. We will continue to closely monitor the environment.
Should you or your organisation require any further assurances or information regarding our Cyber Security policy; please contact us.
Last update 17th December 2021