Log4j Security Gap

Dec 15, 2021

After becoming aware of the security vulnerability in the Java library Log4j, which was reported by the US National Institute of Standards and Technology (NIST) and the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI), we immediately investigated the matter. After a careful review, we can inform you that MetaSystems’ software is not affected by the Log4j security gap.

Our main software products are not using Java. The HL7 and DICOM modules use an older version of the Java Runtime Module which is verified to be safe against Log4j vulnerabilities. Also, the driver software for our protection dongles (WIBU Systems, Germany) is not affected.

If you have further questions, please do not hesitate to contact us.