Log4Shell Vulnerability


On Friday, December 10, a critical software vulnerability known as Log4Shell was broadly publicized. Alarmingly, this vulnerability is widespread, affecting organizations worldwide and putting numerous Stanford systems at risk. The Information Security Office (ISO) has detected related activity targeting our systems and has been working around the clock with IT teams throughout the university to apply fixes as quickly as possible.

What systems are affected?

Laptops, desktops, and mobile devices may be using this software, but they are not generally at risk. The most vulnerable systems are servers and web-based applications. We are prioritizing internet-facing services, as these are the most susceptible of all.

We need your help to search among your department's systems and urgently take steps to protect them. 

What You Need To Do

If you have a server in your lab or office and are unsure about next steps, please contact the University Technology Consulting Group (TCG) immediately with the location of the server and the contact information of someone with administrative access to the server. TCG is providing assistance with checks and remediation.

Additionally, if you know of a server in an office or lab, please instruct the owner or administrator of the server to contact TCG as soon as possible.

How you can contact TCG:

  • Please reference “Help with log4j security check”

Log4Shell FAQ: https://docs.google.com/document/d/1EzzfAbaO0TDF-veFsgUbsBntlYG3ZEGlKffLl1ZBV0k/ 

Please note

Any server or application currently managed by the University (TCG, Stanford Research Computing, Stanford Web Services, or H&S IT Web team) is already being monitored and reviewed by the University. Enterprise applications such as Google Drive, Box, Salesforce, and Microsoft Office are not directly affecting your computers, and the University has verified that these individual vendors are already monitoring their systems and, where necessary, have taken appropriate actions.

Learn More

Read more about the University’s response to Log4Shell.