AMD remains safe from Log4Shell Java vulnerability while Intel, NVIDIA, and Microsoft gets affected

Recently, a Java vulnerability (Log4Shell) was discovered that allows an attacker to remotely execute commands on the exploited machine. The vulnerability affects the logging library in Apache, a widely used open-source server package, and is tracked by the National Institute of Standards and Technology (NIST) as CVE-2021-44228. Any system that can be accessed directly from a browser, mobile device, or application programming interface (API) call is vulnerable.

While AMD has stated that it’s software products are not vulnerable to the exploit, Intel has listed as many as nine Java-based applications that are currently vulnerable.

  • Intel Audio Development Kit
  • Intel Datacenter Manager
  • Intel one API sample browser plugin for Eclipse
  • Intel System Debugger
  • Intel Secure Device Onboard (mitigation available on GitHub)
  • Intel Genomics Kernel Library
  • Intel System Studio
  • Computer Vision Annotation Tool maintained by Intel
  • Intel Sensor Solution Firmware Development Kit

The vulnerability in Apache’s Log4J service allows a hacker to fool the target server into downloading and running arbitrary (malicious) code hosted on a server controlled by the attacker, bypassing numerous levels of software security protections. Importantly, the exploit does not necessitate physical access to the computer. It can be triggered by any server that has access to the internet. This explains why the vulnerability was rated at the highest level possible under the “CVSS 3.0” guidelines: 10. Intel is presently working on releasing updated versions of these applications that address the flaw.

AMD has stated that no of its products appear to be affected by the issue following early analysis. However, AMD stated that it is “continuing its analysis” in light of the potential implications.

The situation at Nvidia is a little more complicated: There is currently no known exploitable vulnerability when using the most recent releases for each application’s services and sub-services. However, server administrators may not always have the most recent updates installed on their machines, and the company has identified four products that are vulnerable to “Log4Shell” if they are out of date:

  • CUDA Toolkit Visual Profiler and Nsight Eclipse Edition
  • DGX Systems
  • NetQ
  • vGPU Software License Server

Furthermore, Nvidia distributes Ubuntu-Linux packages with its DGX enterprise computing systems, and users can install Apache’s Log4J capability block on their own. As a result, the systems are immune in their out-of-the-box state. However, in circumstances where the Log4J service was installed, Nvidia is advising customers to update it to the most recent version, which closes the hole.

Microsoft has released updates for two of its products that address this vulnerability: Certain Log4J elements are used in the boot process of the Azure Spring Cloud, making it vulnerable to exploits unless updated. Microsoft’s Azure DevOps application has also been patched to prevent the hack from being used.

also read:

Apple starts the trial production of its iPhone 13 in India

Source

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More like this

AMD’s Medusa Point APUs May Stick with RDNA 3.X Instead of RDNA 4 or 5 – What It Means for Gamers

AMD’s Medusa Point APUs May Stick with RDNA 3.X...

AMD’s next-gen Medusa Point APUs, set to feature the powerful Zen 6 architecture, might not be upgrading...
AMD AERITH Plus SoC: A Powerhouse Upgrade for Steam Deck 2?

AMD AERITH Plus SoC: A Powerhouse Upgrade for Steam...

AMD is reportedly preparing a next-generation AERITH Plus SoC, designed to push the performance boundaries of handheld...

Microsoft May Discontinue Skype in May 2025, Push Users...

Microsoft appears to be preparing to phase out Skype. In the latest preview of Skype for Windows,...
AMD Ryzen AI 5 340 Benchmarks on Geekbench: Radeon 840M Outperforms 740M by 19% in OpenCL Test

AMD Ryzen AI 5 340 on Geekbench: Radeon 840M...

In the ever-evolving world of computing, performance is paramount, but affordability often becomes a key deciding factor...
NVIDIA AI PC SoC

NVIDIA Shatters Records: $39.3 Billion Q4 Revenue & AI...

NVIDIA has once again outperformed expectations, reporting a record-breaking Q4 revenue of $39.3 billion, marking a 12%...

LATEST NEWS

Monster Hunter Wilds: Your Complete Portable BBQ Grill Survival Guide

Monster Hunter Wilds Portable BBQ Grill Guide! In the unforgiving wilderness of Monster Hunter Wilds, survival is an art form, and mastering the Portable BBQ...

Samantha Ruth Prabhu: A Regal Celebration of 15 Years in Indian Cinema

Samantha Ruth Prabhu, a name synonymous with elegance and talent in the Indian film industry, recently marked a significant milestone—15 glorious years in cinema....

Mira Kapoor: Where Comfort Meets Couture – A Fashion Manifesto

In the grand theater of fashion, some performers don’t just wear clothes – they tell stories. Mira Kapoor is one such storyteller, a maestro...

Oscars 2025: From Cynthia Erivo to Kylie Jenner Most Stunning Red Carpet Fashion Moments Revealed

The 97th Academy Awards or Oscars 2025 transformed the red carpet into a canvas of artistic expression, where fashion became more than clothing –...

Featured