log4j

Statement on the Recent Log4j Vulnerability

By

-

Reviewed by

on

December 21, 2021

This article is Tax Professional approved

Group

Amidst the worldwide concerns about the recent critical security issue, we would like to inform our customers and partners that Bench has NOT been impacted by the Log4j vulnerability.

What's Bench?
Online bookkeeping and tax filing powered by real humans.

Start today and get one month free.
Learn More
Friends don’t let friends do their own bookkeeping. Share this article.

Contents

Tired of doing your own books?
Try Bench

What is the vulnerability about?

A very popular logging library widely used by many software providers was found to have a critical severity vulnerability. The vulnerability was ranked critical because it could lead to Remote Command Execution and/or the leaking of sensitive server-side data. This vulnerability was weaponized quickly by bad actors, and by December 10, 2021, it was being exploited across the internet.

What has Bench done about this?

This vulnerability was publicly disclosed on December 9th, 2021. We became aware of it on December 10th, 2021. Bench took action immediately by kicking off an audit of our app, infrastructure, and our software vendors, to determine potential impact. Our exposure to the vulnerability has been minimal, and we are confident that we have patched or mitigated all instances of this vulnerability in our environment.

No known attack has been launched against Bench. But as always, we are actively monitoring and scanning for any suspicious activity. We continue to work with our service providers to understand any remediation required from or by them.

If you have questions or concerns, you can contact us by emailing security@bench.co.


This post is to be used for informational purposes only and does not constitute legal, business, or tax advice. Each person should consult his or her own attorney, business advisor, or tax advisor with respect to matters referenced in this post. Bench assumes no liability for actions taken in reliance upon the information contained herein.
Friends don’t let friends do their own bookkeeping. Share this article.

Join over 140,000 fellow entrepreneurs who receive expert advice for their small business finances

Get a regular dose of educational guides and resources curated from the experts at Bench to help you confidently make the right decisions to grow your business. No spam. Unsubscribe at any time.