“While this vulnerability has not affected us directly and the security of our company systems is intact, we were not content to sit and watch this impact the world. Many of the sites and services our customers rely on are being affected. Given that LDAP is a networking protocol, we saw an opportunity for us as a VPN to provide an essential layer of protection against this vulnerability.” Peter Membrey, Chief Architect of ExpressVPN, says:
What Is Log4Shell?
Log4Shell is a critical zero-day remote code execution exploitation in versions of Log4j, an open-source Java logging library that is widely used in programs such as online games, large enterprise software, and even entire cloud data centers. The attack is executed without the victim clicking any link, pressing any key, or otherwise taking any action. Log4Shell (or CVE-2021-44228) has a maximum severity rating of 10.0. This means that hackers can take full control of a vulnerable system remotely without any actual interaction with the victim. It’s easy and fast, not requiring much skill.
How Is ExpressVPN Addressing Log4Shell?
ExpressVPN’s team identified that Log4Shell is an “LDAP and Java REMI-reliant vulnerability.” They decided to implement a port-based blocking solution since it was the fastest option to deploy and still be effective. At 9:30 GMT, December 14, 2021, ExpressVPN’s new layer of protection went live across all of the company’s VPN servers worldwide. The company did state that they will continue to work on the more extensive solution, a packet-based approach, and would roll it out as soon as it was ready. ExpressVPN wants to make it clear that this is not a complete fix for the issue. “To be clear, this is not a silver bullet, but it will make a significant impact on protecting internet users,” says Membrey. For more information about ExpressVPN and how its VPN service can help protect your information, read our ExpressVPN Review.