Computer security experts around the world are trying to fix one of the worst software weaknesses found in years. The vulnerability is in an open-source program widely used by government and industry. It has become a major threat to organizations around the world. “The internet’s on fire right now," said Adam Meyers. He is the vice president at the cybersecurity company Crowdstrike. The problem is found in an open-source Apache utility called log4j. It is used to run websites and other web services. The vulnerability is known as “Log4Shell.” The software problem's severity was rated 10 on a scale from one to 10 by the Apache Software Foundation, which oversees development of the software. The vulnerability was reported on November 24 by the Chinese technology company Alibaba. It took two weeks to develop a patch. Last week, Meyers said that within 12 hours of discovering the problem it had been "fully weaponized.” He said criminals have already developed and distributed tools to exploit it. He said criminals have already developed and distributed tools to exploit it. Experts say the bug, another word for a software problem, may be the worst computer weakness discovered in years. The Apache software is used in almost all cloud computing servers, across industry and government. Unless it is fixed, the bug gives criminals the ability to easily access internal networks. There, they could steal important data, put malware in place, and do much more damage.
What is a vulnerability?
something open to attack, harm, or damage
a part of a computer system or network which is designed to block unauthorized access
a tower or pit on a farm used to store grain
a town or city with a harbor where ships load or unload
On a scale of 1 to 10, what was the severity rating of this problem?
Ten
Nine
Eight
Seven
He is the vice president at the cybersecurity company Crowdstrike.
president
doctor
presenter
preteen