The recently publicised zero day exploit (CVE-2021-44228) in the Log4J logging framework:-

• Minder BMS does not have log4j installed, nor does it use Java, so is not vulnerable to this exploit.

• Minder's SimpleHelp service, which is written in Java, and sits on a Debian server,  is not reliant on Log4J so is not vulnerable to this exploit.

• Those new Nethserver installs (email servers) & the remaining SMEserver installs are all based on Centos, and never used the affected package, hence are not vulnerable.

• Proxmox VE (any Version), which is based on Debian,  does not have log4j2 installed, nor does it use Java, so is not vulnerable to this exploit.

• FreePBX (phone system) does not depend on log4j & it is not installed by default, hence is not vulnerable.

• Microsoft Office 365 is not vulnerable to this exploit.

• Microsoft Servers (any version) are not vulnerable to this exploit, but any 3rd party server type applications which you have installed need to be checked.

• Superchoice services do use Log4j and have already patched their servers. They will continue to monitor, no action required on our part.