cancel
Showing results for 
Search instead for 
Did you mean: 

LOG4J

JFPoirier
Observer

We would like to know if Zoom solutions are safe for LOG4J vulnerability ? Thanks

6 REPLIES 6

superfoxxy
Observer

We are aware of the Log4j vulnerability. Zoom is currently following the recommended mitigation steps from Apache and patching impacted systems by updating Log4j version 2.15.0 or implementing recommended mitigations.

 

The Zoom Security Team conducted a thorough investigation and believes Zoom Clients and on-premise deployments are not impacted.

 

For our own infrastructure, Zoom is following the recommended mitigation steps from Apache and patching any identified system

RL1
Observer

is there an official statement you can point me too?

superfoxxy
Observer

this is the official statement. Please reach out to your Zoom Account Representative as he/she can send a personalised customer statement. 

 

breadandbutter
Observer

Has Zoom, if effected, patched for the second vulnerability of Log4Shell? Status CVE-2021-45046

Thank you

Colm_mac
Observer

Has Zoom confirmed that they have patched CVE-2021-45046 and CVE-2021-44228 or are they still at risk? We will need to advise users not to use the service until confirmed.

 

Thanks

VA
Zoom Moderator

Thank you all for your questions, there is more information available in Zoom's public post regarding Log4j: Zoom Security Bulletin for CVE-2021-44228 and CVE-2021-45046


Virginia (she/her/hers)
Zoom Community Team