Last week a vulnerability was discovered in Apache Log4j. This is software that is often used in web applications and all kinds of other systems. The vulnerability makes it possible for attackers to abuse the rights of remote web servers. Because this software is so widely distributed, it is difficult to estimate how the discovered vulnerability will be exploited and on what scale. Meanwhile, cyber criminals are trying to exploit the vulnerability and are actively looking for vulnerable systems. It goes without saying that this is a dangerous situation. Updates are already available.
The CCB therefore advises users of Apache Log4j to install the available updates as quickly as possible. Please follow this technical advice. The CCB is monitoring the situation closely and will publish new information on updates as soon as it becomes available. If you are not sure whether Apache Log4j is used within your organisation, ask your software supplier.
Ordinary internet users cannot take any action themselves for this.