December 15, 2021
We have been actively researching and monitoring the effects of log4j since the CVE was first reported.
At this point, we do not believe that log4j affects the remote.it service for any of our customers.
We continuously patch all our systems and all systems are currently updated with the latest recommended patches. As new patches are being developed, we are and will continue to apply those patches.
The remote.it connection system does not use log4j.
Our website is WordPress based and thus PHP based not Java. We do not believe we have any plugins that are affected. Our website is also completely separated from the remote.it connection infrastructure and does not contain any customer data.
We have also checked, and continue to check, our internal development and engineering systems, which are not visible to customers and do not expose customers to log4j. We also continue to monitor and check reports and vulnerabilities to log4j as they are discovered.