The recently publicised zero day exploit (CVE-2021-44228) in the Log4J logging framework:-
Minder BMS does not have log4j installed, nor does it use Java, so is not vulnerable to this exploit.
Minder's SimpleHelp service, which is written in Java, and sits on a Debian server, is not reliant on Log4J so is not vulnerable to this exploit.
Those new Nethserver installs (email servers) & the remaining SMEserver installs are all based on Centos, and never used the affected package, hence are not vulnerable.
Proxmox VE (any Version), which is based on Debian, does not have log4j2 installed, nor does it use Java, so is not vulnerable to this exploit.
FreePBX (phone system) does not depend on log4j & it is not installed by default, hence is not vulnerable.
Microsoft Office 365 is not vulnerable to this exploit.
Microsoft Servers (any version) are not vulnerable to this exploit, but any 3rd party server type applications which you have installed need to be checked.
Superchoice services do use Log4j and have already patched their servers. They will continue to monitor, no action required on our part.
Copyright Programmed Network Management PL 2023