You may have seen recent media reports regarding a zero-day vulnerability in the Java logging library Log4j, which is used extensively across multiple vendors and platforms internationally.
Carestream Dental is aware of this vulnerability and is actively working on identifying any instance of this possible vulnerability on our internal systems, backend customer management systems and/or customer hosting platforms. Where appropriate, our teams have updated firewall rules, applied patches or upgrades on affected systems, and are continuously monitoring for evidence of attempted exploits. Additionally, we are working with our vendors to ensure that they are also actively working on securing their platforms.
For customers where Carestream Dental provides management of systems, we have identified a small number of internal systems that may be at risk of this vulnerability and have applied appropriate safeguards to reduce vulnerability risk. We will continue to monitor the situation and will take additional remedial measures, as appropriate.
Customers who manage their own environments are advised to read all available vendor advisories and take mitigating action where possible.
A selection of vendor updates can be found on the below links;