Applied Computer Systems Security Statement: Products Are Not Subject to Apache Log4j Vulnerability

As part of Applied Computer Systems’ commitment to support our customers, we constantly assess any risks to our products and services. We want to ensure our customers are always informed of any risks to their own systems, services, or supply chain. With that in mind, ACS shares key information whenever a possible vulnerability has been detected in any programming language.

On Dec 9th, 2021, security researchers published a report of a high-risk “zero day” vulnerability (CVE-2021-44228) affecting a common software package (Apache Log4J) that can allow remote code execution.

None of the solutions that Applied Computer Systems provide use the log4j library and therefore have not been impacted by this vulnerability.

Our development team has conducted a full impact assessment since the vulnerability was initially documented and has reported that no software or service offered by ACS to be susceptible.

ACS will continue to monitor any further information released about this vulnerability and will keep their customer base abreast of the situation.

Solutions analyzed and identified as Secure

SoftLINK: all platforms and mobile apps

Manager: all platforms and mobile apps

DNA: all platforms, mobile apps and web console

Notify: all platforms and mobile apps

classroom.cloud: web services, all platforms and mobile apps