Apache Log4j Vulnerability - Microsoft SQL Server 2012 Standard SPSQL 2012 SP4 + Security Update (11.0.7507.2)

Solomon, Chakaravarthy Sunil 1 Reputation point
2021-12-14T10:39:43.193+00:00

We are running the below versions of OS.
"Microsoft SQL Server 2012 Standard SPSQL 2012 SP4 + Security Update (11.0.7507.2)"
"Windows Server 2012, x64 Datacenter Edition Version: 6.2.9200 + July 13, 2021 Rollup Patch"

May i please check if Apache Log4J impacts the above-mentioned OS and if so, may i check if there are any workarounds or patches?

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,701 questions
0 comments No comments
{count} votes

5 answers

Sort by: Most helpful
  1. Vadims Podāns 8,861 Reputation points MVP
    2021-12-14T11:00:04.937+00:00

    Neither of Microsoft products use Log4J, thus they are not vulnerable to recent CVE-2021-44228 vulnerability.

    See this thread for more details: https://learn.microsoft.com/answers/questions/662469/log4j-vulnerability-concerns.html

    0 comments No comments

  2. Cyrille 1 Reputation point
    2021-12-15T13:18:50.047+00:00

    Just ran a search on a Windows server running Microsoft SQL 2019 and found a log4j jar in "C:\Program Files\Microsoft SQL Server\150\DTS\Extensions\Common\Jars"

    So, not so black & white


  3. Satyen Shah 1 Reputation point
    2021-12-23T20:16:30.767+00:00

    Does anyone know which SQL2019 features/connectors/drivers can be disabled/uninstalled to remove the log4j files to suppress detections?


  4. ioannismichas 21 Reputation points
    2022-03-17T13:49:10.923+00:00

    We run many MS SQL Server installations and the results i get from various scanners are the same. The .jar files are present on our systems.
    I can understand that the use of these .jar files in an application makes the system vulnerable.
    What i do not know is wether the presense of those files is also a vulnerability. Would it be possible for a malware to utilize these files even if they are not currently used?
    What would be the best mitigation ? Delete the files from the system?

    0 comments No comments