ʻEhā mau lā i hala aku nei, ua ʻike ʻia ka Log4Shell Java exploit, e ʻae ana i ka poʻe hackers e hoʻomalu i nā kikowaena pūnaewele i ʻike ʻia ma o ka hoʻouna ʻana a me ka hoʻoulu ʻana i kahi kaula ʻino o nā kikokikona, e hoʻopilikia ana i nā ʻenehana loea e like me Microsoft, NVIDIA, a me Intel. Aia kēia hoʻohana ma ka waihona waihona Apache Log4j open-source e hoʻopaʻa nei i nā hanana a me nā hewa i loko o nā polokalamu Java-based.
Hoʻohana ʻo Log4J, a i ʻole Log4Shell i ka hoʻouka ʻana i nā ʻōnaehana Java-based mamao, e wehe ana i nā leaks data koʻikoʻi a ʻoi aku.
ʻO ka nāwaliwali, ʻike ʻia ʻo Log4J, ke nānā ʻia ma lalo CVE-2021-44228, hāʻawi ʻia e ka National Institute of Standards and Technology, a i ʻole NIST. Hiki ke kiʻi ʻia kēia hana ma o ka polokalamu kelepona, API, a i ʻole ka puka aniani.
ʻO nā ʻoihana ʻenehana kiʻekiʻe, e like me Intel, Microsoft, a me NVIDIA ua hoʻopilikia ʻia e kēia hana maikaʻi loa. Ua loaʻa iā Intel ʻeiwa mau noi ka mea e hoʻohana iā Java a hiki ke pilikia i ka hack. Hāʻawi ʻia ka papa inoa o nā noi Intel i hoʻopili ʻia:
- ʻO Intel Audio Development Kit
- Luna Hoʻokele ʻikepili Intel
- oneAPI laʻana polokalamu polokalamu kele no Eclipse
- Intel System Debugger
- ʻO ka polokalamu palekana Intel ma luna o ka papa (GitHub)
- Hale Waihona Puke Intel Genomics Kernel
- Pūnaehana Pūnaewele Intel
- Mālama ʻia e Intel ka Computer Vision Annotation Tool
- ʻO Intel Sensor Solution Firmware Development Kit
Ma muli o ke ʻano o NVIDIA a me kā lākou mau noi a me nā lawelawe i hoʻonui mau ʻia me nā mana hou loa, ʻoi aku ka paʻakikī o ka hoʻohana ʻana. Ke noʻonoʻo nei ka ʻoihana ʻaʻole hāʻawi mau nā luna kikowaena i nā mea hou loa i kā lākou mīkini, no laila ke papa inoa nei ʻo NVIDIA i ʻehā mau huahana hiki ke loaʻa ka hapa nui o ka hopena e Log4J, ʻoiai inā ua pau nā mea hoʻokele no nā huahana mai ka hoʻokuʻu ʻana. :
- CUDA Toolkit Visual Profiler a me Nsight Eclipse Edition
- Nā Pūnaehana DGX
- NetQ
- vGPU Pūnaehana Laikini Laikini
No ka mea ua hoʻokomo mua ʻia nā PC ʻoihana DGX o NVIDIA me Ubuntu-Linux OS a hiki ke hoʻopilikia ʻia i ka hoʻohana ʻana, ke kamaʻilio nei ʻo NVIDIA i nā mea hoʻohana i hiki ke hoʻokomo lima i ka papa hana Log4J o Apache e hoʻoponopono koke i kā lākou ʻōnaehana.
Loaʻa i kā Microsoft Azure Spring Cloud a me Azure DevOps noi ua paʻi ʻia lāua ʻelua mai ka ʻike ʻia ʻana o ka nāwaliwali. Hoʻohana ʻo Azure Spring Cloud i nā mea kikoʻī o ka Log4Shell i loaʻa i ke kaʻina hana boot o ka ʻōnaehana. Ma muli o ke ʻano o kēia hoʻohana, inā ʻaʻole i hoʻonui ʻia ka ʻōnaehana, e lilo lākou i mea palupalu.
ʻO ka mea mahalo, ua hoʻomau ʻole ʻia ʻo AMD e ka Log4J exploit. Ma hope o ka hoʻokolokolo mua ʻana i kā lākou laina huahana, ua hoʻolaha ʻo AMD ʻaʻole i hoʻopilikia ʻia kekahi o nā laina, akā e hoʻomau lākou i kā lākou ʻimi ma muli o ke koʻikoʻi o ka nāwaliwali.
ʻO ka pou Hoʻopili ʻia ʻo AMD e like me ka Log4Shell exploit e pili ana i nā ʻenehana loea ʻē aʻe, e like me Intel, Microsoft, a me NVIDIA by Jason R. Wilson ʻike muaʻia Wccftech.
