by Larry Mead, Kate Kompelien and Kurt Schroeder
With the recent public disclosure of Log4J, a zero-day vulnerability, TTEC Digital quickly took actions to identify this software in our environment by scanning applications that may have used a vulnerable version of the software, with our focus on externally exposed applications, private connected systems, and internal only systems. The vulnerability did not affect our work with any clients, and our environment remains secure.
Remediation efforts are ongoing. All external systems have been reviewed and remediated. Private connections are in the process of being remediated along with internal systems.
TTEC has been working closely with the software manufacturers related to the availability of application-specific patches to address the vulnerability. These patches are expected to become available in the next few weeks. Installing the patches may affect system availability briefly. We will communicate with clients in advance of patch installation to minimize any disruptions.
Any additional updates or information will be added to this page.