Best practices for Log4Shell Enumeration, Mitigation, and Attack Detection Tool


On December 10, 2021, news of the active exploitation of a previously unknown zero-day vulnerability (CVE-2021-44228) in a common component of Java-based software (Log4j) became widely known. The extent to which this software package is integrated into the world's technologies and platforms is still being discovered, but given the ease by which software containing this component can be exploited on devices reachable from the open internet (for example, servers), this Log4j vulnerability, dubbed Log4Shell, is being treated as extremely severe. All stakeholders in the technology community are strongly advised to check their environments and take appropriate security measures.

Datto has released a tool, both for RMM partners via the ComStore and publicly via GitHub, to automate the process of scanning Windows devices for signs of this vulnerability and any compromise that may have occurred. This document is for Datto RMM users who have downloaded the tool and wish to ensure they are using it properly.