According to the Federal Office for Information Security (BSI), a weak point in a software module that is widely used on many computers leads to an “extremely critical threat situation”.
The authority therefore increased its existing cyber security warning for the Java library Log4j to red on Saturday. This is the highest category of the four-point BSI scale for cyber security warnings and the only report currently at this level.
Vulnerability can be exploited without difficulty
The assessment is based on the very widespread use of this software element and the associated effects on countless other products, announced the BSI. In addition, the vulnerability can be exploited without major difficulties.
This would allow attackers to take over the affected system completely. There are already mass scans in Germany and around the world, as well as attempted and successful attacks. A security update for the Java library Log4j already exists. However, all products that use Log4j would also have to be adapted.
144 million new malware programs
BSI President Arne Schönbohm and the former Federal Minister of the Interior Horst Seehofer recently had one increasing exposure to cyber attacks warned. Last year, according to the BSI, 144 million new malware variants were detected, which is an increase of 22 percent compared to the previous year.