An important cybersecurity alert from the Land O’Lakes Information Technology (IT). Land O’Lakes has been actively addressing the recent vulnerability that’s captured global headlines since it was first discovered in early December. Log4j is an opensource piece of software used in thousands of applications and devices worldwide.

The Log4j flaw allows attackers to execute code remotely on a target computer system, which could let them steal data, install malware, ransomware or take control and subsequently gain access to the victim’s internal network. This vulnerability is actively being exploited by cyber criminals and nation states.

Fixes for the vulnerability have been fluid from Apache Corporation, the creators of Log4j, issuing multiple updates to resolve the vulnerability. Since the vulnerability was first announced, Land O’Lakes has been actively identifying and remediating impacted systems.  It’s very likely your systems and applications also leverage this common opensource component.  

The Land O’Lakes IT teams are available to consult with your IT Teams if they need assistance in how to identify and remediate the issue. If you have any questions regarding this informational update, please contact our chief information security officer, Tony Taylor. His contact information can be found below:  

To learn more about the Log4j vulnerability, here’s a list of some recent articles: