Red Argyle Logo

Patterns
The Salesforce Blog with Tailored Goodness

Red Argyle Update on Log4J Vulnerability

Security and Privacy are very important to us at Red Argyle.  This post is to share some information regarding a recent exploit known as “Log4j”.  Log4j is a known vulnerability impacting a large number of software vendors across the globe including Salesforce.  The vulnerability is based on a logging feature hosted on some Java applications.  A detailed description of the exploit is available from the Center for Internet Security and is located here.

Salesforce immediately began communicating its status on trust.salesforce.com.  Their internal investigation and efforts are ongoing.  Salesforce is providing assurance that they are proactively communicating any known issues directly with customers and are in the process of patching any suspected impacted systems.

Red Argyle’s services are 100% rooted in the Salesforce.com platform.  It appears that the vast majority of our customers and configurations will have no action items relating to their core Salesforce build, instead, Salesforce will be proactively remediating anything related to their infrastructure.

However, out of an abundance of caution, we do recommend the following actions:

We will continue to monitor the situation and share updates if there are any impactful changes warranting further immediate action.  If you have questions, please email help@redargyle.com and we will have an engineer respond as quickly as possible to validate any possible action required.

Thank you!