
close
close
Microsoft has announced some important updates for Microsoft Sentinel, its scalable cloud-native SIEM tool that provides AI-powered security analytics in enterprise environments. The Redmond giant has launched a new solution in public preview that should help IT Admins to detect Apache Log4j vulnerabilities.
Last week, Microsoft acknowledged the emergence of an Apache Log4j vulnerability (CVE-2021-44228) that is currently being exploited by threat actors to install malwares by gaining remote access to compromised devices. “The vulnerability allows unauthenticated remote code execution and is triggered when a specially crafted string provided by the attacker through a variety of different input vectors is parsed and processed by the Log4j 2 vulnerable component,” the company explained.
advertisment
With the new Log4j exploit detection tool, Microsoft is offering enterprise customers a complete solution to easily track, monitor, as well as investigate the Log4Shell exploit targeting the Log4j flaw. Specifically, IT admins will be able to access the new Log4j exploit detection solution via Microsoft Sentinel Content Hub.
However, a Microsoft representative has confirmed that enterprise customers with active Microsoft Sentinel subscriptions will have to download and install the tool from GitHub manually. “Solutions can’t be deployed into subscriptions from Microsoft Azure Cloud Solution Providers. However, you can manually add these detections into your workspace from our Github repo,” said Sarah Young, Senior Program Manager for Azure Security at Microsoft.
To deploy the new Log4j exploit detection tool, IT Admins will need to follow these steps:
advertisment
Microsoft is still investigating the Log4j vulnerability, and it’s recommending enterprise customers check for the latest updates regularly. The company is also keeping track of all the indicators of compromise (IOCs) related to the Log4j security flaw on the Microsoft Threat Intelligence Center (MSTIC), and you can find the full list on this GitHub page.
More from Rabia Noureen
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Security
Build 2022: Microsoft Boosts Data Analytics and Cybersecurity in New Training & Certifications
May 24, 2022 | Rabia Noureen
Microsoft Defender for Office 365 to Get Preset Security Policy Improvements In June
May 23, 2022 | Rabia Noureen
CISA Warns Federal Agencies to Mitigate Critical VMware Vulnerabilities by May 23
May 20, 2022 | Rabia Noureen
CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers
May 17, 2022 | Rabia Noureen
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group