Statement on the Recent Log4j Vulnerability

By

The Bench Team

-

Reviewed by

on

December 21, 2021

This article is Tax Professional approved

Group

Amidst the worldwide concerns about the recent critical security issue, we would like to inform our customers and partners that Bench has NOT been impacted by the Log4j vulnerability.

What's Bench?
Online bookkeeping and tax filing powered by real humans.
Learn more
Friends don’t let friends do their own bookkeeping. Share this article.

I am the text that will be copied.

Contents

Example H2
Example H3
Example H4
Example H5
Example H6
Tired of doing your own books?
Try Bench

What is the vulnerability about?

A very popular logging library widely used by many software providers was found to have a critical severity vulnerability. The vulnerability was ranked critical because it could lead to Remote Command Execution and/or the leaking of sensitive server-side data. This vulnerability was weaponized quickly by bad actors, and by December 10, 2021, it was being exploited across the internet.

What has Bench done about this?

This vulnerability was publicly disclosed on December 9th, 2021. We became aware of it on December 10th, 2021. Bench took action immediately by kicking off an audit of our app, infrastructure, and our software vendors, to determine potential impact. Our exposure to the vulnerability has been minimal, and we are confident that we have patched or mitigated all instances of this vulnerability in our environment.

No known attack has been launched against Bench. But as always, we are actively monitoring and scanning for any suspicious activity. We continue to work with our service providers to understand any remediation required from or by them.

If you have questions or concerns, you can contact us by emailing security@bench.co.


This post is to be used for informational purposes only and does not constitute legal, business, or tax advice. Each person should consult his or her own attorney, business advisor, or tax advisor with respect to matters referenced in this post. Bench assumes no liability for actions taken in reliance upon the information contained herein.
Friends don’t let friends do their own bookkeeping. Share this article.

I am the text that will be copied.

Join over 140,000 fellow entrepreneurs who receive expert advice for their small business finances

Get a regular dose of educational guides and resources curated from the experts at Bench to help you confidently make the right decisions to grow your business. No spam. Unsubscribe at any time.

Subscribe