The National Cyber Security Centre (NCSC) has recently highlighted an Apache Log4j 2 vulnerability. 

A severe remote code vulnerability was revealed in Apache’s Log4J, a very common logging system used by developers of web and server applications based on Java and other programming languages. The vulnerability affects a broad range of services and applications on servers, making it extremely dangerous – and the latest updates for those server applications urgent. 

Bromcom would like to assure all of its customers that no Bromcom service is affected by the Apache Log4j 2 vulnerability, including all locally hosted applications and our mobile applications. 

We shall however continue to monitor the situation and act according to any future recommendations from the NCSC.