15 December 2021
The EPO is closely monitoring its systems after a critical vulnerability in the commonly used Java software “Log4j” emerged at the end of last week. Log4j software is used across multiple industry and government sectors. The vulnerability, now known as “Log4Shell”, can allow attackers to take over a web server, gain access to internal networks and hi-jack data, for example.
While software vendors release the relevant updates, the EPO has already started patching a number of applications, with a view to keeping any potential impact on service availability to a minimum. Our Information Security teams are continuing to closely monitor the entire EPO infrastructure. During the next days this heightened level of alert will be maintained to make sure the EPO and our users stay safe.