( read 1 min)

FotoWare is not affected by the Log4j vulnerability

By Alex Kronenberg on December 14, 2021
FotoWare is not affected by the Log4j vulnerability

FotoWare can confirm that our software is not affected by the Log4j vulnerability that has been exposed in recent days.

Log4j is a widely used Java-based logging library developed by the Apache Software Foundation. The vulnerability applies to a remote code execution in the Apache Log4j 2 Java library, which allows hackers to execute remote commands on a target system.

FotoWare's products are not at risk from this vulnerability, and we would like to assure our customers that all of our products are safe from this threat. 

Note that the Apache HTTP Server does not use Apache log4j, and neither does FotoWeb On-Premises, even when it uses Apache. We do still recommend switching from Apache to IIS, as Apache support is deprecated as of 2021.
If you need any assistance with this switch, our Professional Services Team is available to help. We have also created an article on this subject: Change from Apache to IIS.

If you have any further questions, please contact FotoWare support here