Security and Privacy are very important to us at Red Argyle. This post is to share some information regarding a recent exploit known as “Log4j”. Log4j is a known vulnerability impacting a large number of software vendors across the globe including Salesforce. The vulnerability is based on a logging feature hosted on some Java applications. A detailed description of the exploit is available from the Center for Internet Security and is located here.
Salesforce immediately began communicating its status on trust.salesforce.com. Their internal investigation and efforts are ongoing. Salesforce is providing assurance that they are proactively communicating any known issues directly with customers and are in the process of patching any suspected impacted systems.
Red Argyle’s services are 100% rooted in the Salesforce.com platform. It appears that the vast majority of our customers and configurations will have no action items relating to their core Salesforce build, instead, Salesforce will be proactively remediating anything related to their infrastructure.
However, out of an abundance of caution, we do recommend the following actions:
- If you receive any direct communication from Salesforce please give it all due attention!
- Keep an eye on the Trust article which is located here, which will be updated to share official updates from Salesforce on the status of their response to this: https://help.salesforce.com/s/articleView?id=000363736&type=1
- If you use Data Loader, upgrade to the latest version. Older versions are vulnerable to this exploit. The new version is here: https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1
- If you use Slack, install the update, with instructions located here: https://slack.com/help/articles/360048367814-Update-the-Slack-desktop-app
- Beyond Salesforce, validate if you use other Java powered applications within your organization’s technology stack. One list is available here https://github.com/cisagov/log4j-affected-db however, it is not deemed fully inclusive and it is important to evaluate your own tech stacks with your security team to validate any vulnerabilities.
We will continue to monitor the situation and share updates if there are any impactful changes warranting further immediate action. If you have questions, please email email@example.com and we will have an engineer respond as quickly as possible to validate any possible action required.