Apteco software does not use Log4j

Posted: 14 Dec 2021

Apache Log4j2 vulnerability - CVE-2021-44228

Apteco software is NOT vulnerable

Apteco software, including the Apteco Orbit platform, FastStats and PeopleStage, does not use Log4j and is not susceptible to the Log4j 2 vulnerability. Please be assured that no mitigation or updates are required for Apteco software.

Actions taken by Apteco

Apteco became aware of the Apache Log4j 2 security vulnerability on Saturday 11th December and immediately initiated steps to ensure our customers, partners and internal IT systems were protected. The mitigations taken included:

  • Firewall controls updated to provide additional protection against potential attacks
  • Confirmation with Apteco development team leaders that each Apteco software product is not vulnerable
  • Checking our internal systems
  • Checking with third-party suppliers of key production cloud services

Additional advice

If you have other applications or tools on your servers, or use third-party cloud services, we recommend checking whether they are impacted by the Log4j vulnerability. 

The below websites give general guidance on the Log4j vulnerability.

Apteco is continuing to monitor this event and will update this web page as appropriate.