Java Exploit & New Version of Room Alert Link

As of December 16, 2021, we released version 1.3.3 of Room Alert Link. This version implemented a security patch for the additional CVE-2021-45046 Log4j vulnerability.

Over the weekend, our team has learned of a vulnerability called The Log4j flaw (also known as “Log4Shell”) that is a zero-day vulnerability that targets the Log4j library in Java. This vulnerability allows hackers to gain unauthenticated remote code execution and access to servers. Cyber attackers are making over a hundred attempts per minute to identify at risk servers exposed to the internet that are susceptible to exploit this critical security vulnerability in Java logging library Apache Log4j. These cyber attackers are trying to install malware, steal user credentials and more.  

The only piece of Room Alert software that was impacted was Room Alert Link. Our Engineering department worked diligently to develop and release a new version of Room Alert Link that is now online. No other AVTECH products are impacted by this exploit. 

The newest version of Room Alert Link is available to download via Room Alert Account dashboard. We recommend all Room Alert Link users download and install this version of Room Alert Link immediately. Any Room Alert users that are not using Room Alert Link are not impacted by this vulnerability and do not need to take any action. 

If any customers have questions about Room Alert Link and its security, our Sr. Product Specialists as well as our US-based Support team are available to help. Feel free to contact us directly if you would like to speak with us further.