JAKARTA - Germany's federal government cybersecurity watchdog, BSI, on Saturday, December 11 issued a red alert, the highest level of warning, on a flawed piece of widely used software. They said it was a "very critical threat" to web servers.

A vulnerability in a Java-based library known as Log4j could be exploited to allow a complete takeover of an affected system, BSI said in a statement on its website.

"The reason for this assessment is the very wide distribution of the affected product and the associated impact on countless other products. The vulnerability is also easy to exploit, and proof of concept is publicly available," BSI said as quoted by Reuters.

"BSI is aware of worldwide and German mass scanning and compromise attempts. Successful initial compromises were also publicly reported," he added.

BSI says that while there is a security update for Log4j, all products that use it will also need to adapt. They recommend that companies and organizations implement the steps outlined in the cybersecurity warning.


The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)