Last December, the news was filled with articles about the so-called log4j vulnerability; a software bug that allows hackers to break into computers. See for example this article in NRC Handelsblad.
Our colleagues at ICTS and our Information Manager Sven Assink have done a lot of work to mitigate all possible effects of the log4j vulnerability and they have checked most UM laptops for issues. However, they have been unable to check non-Athena Desktop laptops for log4j vulnerabilities.
That is why we now need all owners of a non-Athena Desktop laptop to scan their laptop for log4j problems (see below for an explanation). A non-Athena Desktop laptop refers to all Macintosh (Apple) laptops and Windows laptops without a UM tag on the bottom of the laptop with a number like ‘NB-001240’. Those of you who have laptops with a UM tag on the bottom with a number like ‘NB-001240’ have already been scanned by us, so these laptops do not need to be scanned by yourself.
How to scan your non-Athena desktop laptop for log4j problems
Below you can find a script on how to scan your non-Athena Desktop laptop for log4j problems. Needless to say, it is very important that you scan your laptop and follow the script, to prevent possible intrusion of malware or to detect suspicious activity that may compromise the UM network.
To make sure that all laptops that are used by UM employees are checked, we kindly ask you to send a confirmation that you have successfully run the script by sending an e-mail to ict-fasos@maastrichtuniversity.nl with “successfully run script” in the subject line.
Non-Athena Desktop Macbook users need to follow the following steps (you can watch the screen recording to help you guide through the steps below here):
- First, download the linked file (log4j-finder). Please save it in the Download folder.
- Then open a terminal session.
- Type “cd downloads”.
- Type “chmod +x log4j-finder” into your terminal session.
- Go to the file (NOT in the terminal session) and right click on the file log4j-finder and choose Open With.
- Choose Terminal.
- When the message “process completed” appears and nothing is found, you can close the terminal window. NOTE: If a vulnerability has been found, please immediately contact ICT-FASoS via ict-fasos@maastrichtuniversity.nl. If possible, make a screenshot of the message, or write it down.
Non-Athena desktop Windows users need to follow the following steps (you can watch the screen recording to help you guide through the steps below here):
- Download the application.
- Open a command prompt:
- Go to the windows ‘type here to search’ bar and type “cmd” and hit Enter.
- In the command prompt, type “cd Downloads” and press the Enter key.
- Next, start the scanner by typing “log4j-finder-signed” and press the Enter key. The script will start. When the message “process completed” appears and nothing is found, you can close the window. NOTE: If a vulnerability has been found, please immediately contact ICT-FASoS via ict-fasos@maastrichtuniversity.nl. If possible, make a screenshot of the message, or write it down.
If the scanner detects a problem, if you have any questions or concerns, or if you want help with running the scanner, you can make an appointment with ICT-FASoS by sending an e-mail to ict-fasos@maastrichtuniversity.nl for a meeting via Zoom, Teams or at FASoS.
