Fractal Softworks Forum
March 28, 2024, 05:33:23 PM
Welcome,
Guest
Please
login
or
register
.
1 Hour
1 Day
1 Week
1 Month
Forever
Login with username, password and session length
News:
Starsector 0.97a is out!
(02/02/24); New blog post:
Simulator Enhancements
(03/13/24)
Home
Help
Search
Login
Register
Fractal Softworks Forum
>
Other
>
Discussions
>
Log4J attack!
« previous
next »
Pages: [
1
]
Print
Author
Topic: Log4J attack! (Read 2110 times)
xenoargh
Admiral
Posts: 5078
naively breaking things!
Log4J attack!
«
on:
December 12, 2021, 10:35:01 AM »
This is probably Old News for most of the IT pros here, but be aware that Log4J (which is used by Starsector, Minecraft, a wide variety of Linux distros, etc., etc.) has been successfully attacked and allows for a very broad assault on end-users' machines. This security flaw has been patched by the Log4J team in the current version.
Logged
Please check out my SS projects
Xeno's Mod Pack
Alex
Administrator
Admiral
Posts: 23987
Re: Log4J attack!
«
Reply #1 on:
December 12, 2021, 12:39:56 PM »
The fact that Starsector is a single-player game entirely aside (and so isn't subject to the Minecraft "chat message" attack vector type of thing), the version of log4j it's using also fortunately doesn't have this vulnerability, by virtue of being too old.
Logged
xenoargh
Admiral
Posts: 5078
naively breaking things!
Re: Log4J attack!
«
Reply #2 on:
December 14, 2021, 12:28:11 PM »
Well, sometimes using an old codebase has its advantages, lol.
I mainly wanted to make sure people were informed and
did the basics
to check their projects out, as this is a pretty nasty Zero Day exploit.
Logged
Please check out my SS projects
Xeno's Mod Pack
Print
Pages: [
1
]
« previous
next »
Fractal Softworks Forum
>
Other
>
Discussions
>
Log4J attack!