Microsoft Releases New Defender Capabilities for Fixing Log4j

Microsoft Releases New Defender Capabilities for Fixing Log4j

Microsoft has announced that it has launched new Defender for Containers and Microsoft 365 Defender solutions for detecting and remediating Apache Log4j vulnerabilities.

Defender for Containers was introduced on December 9, combining the capabilities of Microsoft Defender for Kubernetes and Microsoft Defender for Container Registries and introducing additional features including Kubernetes-native deployment, improved threat detection, and vulnerability assessment.

Earlier this week, Microsoft had upgraded its Defender for Containers solution to detect container images that are vulnerable to the flaws in Log4j.

Starting with the initial discovery of a remote code execution flaw in Log4j on December 9, Defender for Containers can now detect images impacted by the three vulnerabilities in Log4j that have been revealed and are now fixed.

When container images are submitted to an Azure container registry, pulled from an Azure container registry, and executed on a Kubernetes cluster, they are immediately inspected for vulnerabilities. 

Additionally, according to the company, Microsoft 365 Defender now has a consolidated dashboard for addressing threats and vulnerabilities due to Log4j flaws. Microsoft’s threat intelligence team tweeted that the dashboard will “assist customers in identifying and fixing files, software, and devices exposed to the Log4j vulnerabilities.”

According to Microsoft, these functionalities are supported on Windows and Windows Server. 

For Linux, the capabilities need an update to version 101.52.57 or later of the Microsoft Defender for Endpoint Linux client.

Microsoft said it’s working on adding support for Microsoft 365 Defender’s capabilities for Apple’s macOS and that the capabilities “will roll out shortly.”

Leave a Reply

Your email address will not be published.