At Skykit, the reliability and security of our solutions is paramount. You – our customers – trust us to bring you secure solutions. It is important to note that Skykit does not use the Apache Log4j library. Therefore, this vulnerability does not impact our solutions. We also have reviewed all of our third-party integrations and ensured they do not rely on Log4j security or have already patched this vulnerability.
Background on the Log4j Vulnerability
A zero-day exploit was observed on December 10, 2021, targeting a Remote Code Execution (RCE) vulnerability in the Apache Log4j utility. This utility is broadly used to log security and perforation information throughout a variety of consumer and enterprise services, websites, and applications. The RCE vulnerability can be exploited by an unauthenticated remote actor who then forces the Log4j service to receive a payload or malicious code from another remote server. Ultimately, the exploitation impacts the confidentiality, integrity, and availability of the web application and its data.
Our customer’s security and privacy is a core focus at Skykit. That’s why we always build with the security standards you need to be confident in your decision to work with us. If you have questions about our security standards or this incident specifically, reach out to our customer support team.