On December 9 2021 a bug was identified in Log4j, a Java library for logging error messages in applications. Log4j is used by many servers and could allow a malicious person to take full control of the affected server or allow a denial of service attack that could take down the server.
You can learn more about Log4j and the impacts of the identified vulnerability in this article.
Does Optimal Workshop use Log4j?
No, we can confirm that the Optimal Workshop platform does not use Log4j and therefore we are not affected by the identified issue.
Have any of your sub-processors been impacted by this issue?
No, we are able to confirm that our sub-processors have either already patched their services to protect themselves, or have not been affected by the Log4j vulnerability.