Tucows’ response to Log4j vulnerability

Tucows (that is includes OpenSRS, Ascio, Enom) issued a statement on what their response was to the newly discovered Log4j vulnerability:

“Last Friday, a critical system vulnerability with Log4j was uncovered that has the potential to result in remote code execution against applications.

Since this announcement, Tucows’ Security, Engineering, and Quality Assurance teams have been working around the clock to identify all applications using Log4j and mitigate the identified vulnerability; critical component updates were made over the weekend for Tucows’ entire portfolio, including fiber internet, domains, and mobile services enablement.

Testing is still underway, but initial findings show no evidence of compromised data or systems within Tucows’ infrastructure, which includes OpenSRS, Ascio, Enom, Ting Internet, and Ting Mobile. The Tucows Domains Compliance team is also working to mitigate the worldwide damage by disabling domains taking advantage of the Log4j vulnerability.

At this time, there is no action required from our customers. If this changes, we will provide an update immediately to affected customers.

Regards,

Tucows Security Team”

Sold.Domains

About Konstantinos Zournas

Studied Computer Engineering and Computer Science in London, UK and now living in Athens, Greece. Love domains and building websites. Went online in 1995, learned about HTML in 1996 and about domains in 2002. Started publishing the OnlineDomain.com blog in 2012.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.