16.12.2021

Log4j information

In the IT security world, there’ve been a lot of sleepless nights recently due to a newly discovered security vulnerability that lets attackers who are not even very technically sophisticated, remotely inject code on a computer and take over control of it. This is due to a mishap in a very popular Apache Java program logging component, now nicknamed “Log4j” (more details here)

Frama has now completed its assessments to verify its IT infrastructure which provides the backbone of the services.

  • FramaOnline2 Remote Recrediting Service
  • FramaOnline2 TaxMeter Management Service
  • Imnudoo Postage Cloud Service (MFX
  • RMail Cloud
  • RSign App services
  • RPortal

All platforms in scope do not use this library or any Java programs, so you do not have exposure to Log4j risks simply by use of these services.

Our partner RPost has published an interesting blog article discussing the need for more visibility in security. Please find addition information here: https://rpost.com/blog/log4j-and-security-in-visibility/.

  • Frama News - Medienmitteilung DSGVO