Cyber security: Log4J vulnerability
On Friday 10 December, a worldwide cyber security vulnerability was announced by the Apache Foundation, affecting Log4J. This is a global issue affecting many organisations, including universities.
Since this news was announced, IT Services has been working to identify which of our systems could be affected by the vulnerability, and applying fixes to protect the University from attacks by cyber criminals.
This work remains ongoing; we're also liaising with third party suppliers and partners where needed. We ask for your patience for the duration of this issue as we work to mitigate risk to the institution.
What do I need to do?
- While this situation is ongoing, if a service you need to use isn't working as you'd expect it to, check the IT Status Page for announcements first, before contacting the Service Desk.
- In the meantime, remain vigilant as always to cyber security threats such as phishing emails; if you have any concerns, report them to the IT Service Desk.
- If you have your own IT equipment or services that IT Services doesn't manage, for example for your research, you may need to take action to protect these against the Log4J vulnerability.
IT Services continues to monitor the situation closely.