NAfter information from the news magazine “Spiegel”, several positions in the federal administration are also affected by the serious vulnerability in the logging library “Log4j” of the Java programming language. “If there is a weak point with this spread, the federal administration is also affected,” according to the report from the Federal Office for Information Security (BSI). The authority is aware of individual vulnerable systems and appropriate protective measures have already been initiated.

So far there is no evidence that the weak point in the federal administration has actually been exploited. According to the BSI, the problem has already been resolved in at least some cases.

At the weekend, the BSI warned of a widespread “critical vulnerability” that could make numerous servers and applications vulnerable. Successful exploitation of the security gap enables “a complete takeover of the affected system”, explained the authority and upgraded its cyber security warning to warning level red.

The BSI advised companies and organizations in particular to install updates as soon as they are available for individual products. In addition, “all systems that were vulnerable should be examined for compromise”.