Apache Log4j Vulnerability

In light of the recent remote code execution vulnerability in Apache Log4j 2 which was identified being exploited in the wild, we at QuickMinutes wanted to give detailed information on the mitigating steps we haven taken to secure against this vulnerability.

This vulnerability which we were notified of on the 12th of December 2021 meant depending on the security of a system an attacker would be able to instruct the system to download and execute a malicious payload. 

QuickMinutes response

As precaution here are the following measures we took:

1. We immediately performed security scans on all QuickMinutes servers to ensure:

               A) No attacks had been attempted to exploit the Log4j vulnerability

               B) No Log4j package was installed on the QuickMinutes servers      

     2. We installed all the latest security patches on our VM’s after receiving notification of this. 

This was in line with our internal Information Security Policy. 

Upon completing the investigation QuickMinutes confirms there was no attempt to exploit Log4j vulnerability and no Log4j package had been installed. 

In conclusion, we can assure you after taking the necessary actions in line with our policies that this vulnerability doesn’t pose any threat to QuickMinutes.