AMD slips by as Log4Shell exploit affects other top tech giants, such as Intel, Microsoft, and NVIDIA
Four days ago, the Log4Shell Java exploit was unearthed, allowing hackers to take control of exposed web-facing servers by sending and activating a malicious string of text, affecting tech giants such as Microsoft, NVIDIA, and Intel. This exploit is located in the open-source Apache Log4j library that logs events and errors inside Java-based applications.
Log4J, or Log4Shell exploit attacks Java-based systems remotely, opening up to crucial data leaks and more
The vulnerability is, also known as Log4J, is tracked under CVE-2021-44228, given by the National Institute of Standards and Technology, or NIST. This exploit can be accessed via a mobile device, API, or a browser window.
Top tech companies, such as Intel, Microsoft, and NVIDIA have all been affected by this highly effective exploit. Intel has nine applications that utilize Java and are vulnerable to the hack. Provided is the list of Intel applications affected:
- Intel Audio Development Kit
- Intel Datacenter Manager
- oneAPI sample browser plugin for Eclipse
- Intel System Debugger
- Intel Secure Device Onboard (GitHub)
- Intel Genomics Kernel Library
- Intel System Studio
- Computer Vision Annotation Tool maintained by Intel
- Intel Sensor Solution Firmware Development Kit
Due to the nature of NVIDIA and their applications and services consistently updated with the latest versions, the exploit is much harder to trace. The company does put into consideration that server managers do not consistently offer the newest updates to their machines, so NVIDIA is listing four possible products that could have a high percentage of being affected by Log4J, especially if the drivers for the products are outdated since release:
- CUDA Toolkit Visual Profiler and Nsight Eclipse Edition
- DGX Systems
- vGPU Software License Server
Since NVIDIA's DGX enterprise PCs are preloaded with Ubuntu-Linux OS and also vulnerable to the exploit, NVIDIA is communicating to users capable of manually installing Apache's Log4J functionality block to update their systems immediately.
Stay in the loop
GET A DAILY DIGEST OF LATEST TECHNOLOGY NEWS
Straight to your inbox
Subscribe to our newsletter