Security Updates Released
16.12.2021
A severe Zero-day security issue, Log4Shell (CVE-2021-44228), was discovered on December 10 in the Java logging library, log4j v2.x. Our team has identified the issue and the effect on Java products.
We quickly resolved the issue and released new product versions on December 13 and 14, 2021. However, after that, security experts found a second vulnerability involving Apache Log4j (CVE-2021-45046). Although this is not as severe as the original vulnerability, we made new releases that resolved this issue, providing enhanced security for our customers.
New security updates are available for the following products:
- Prosys OPC UA Monitor
- Prosys OPC UA Modbus Server
- Prosys OPC UA Historian
- Prosys OPC UA Simulation Server
Prosys OPC UA Browser 4.1.0 release previously already contained the required fix.
To learn more about the security vulnerability in Java based OPC UA applications, check our Blog Post.
Please contact Prosys OPC Sales for more information.
About Prosys OPC Ltd
Prosys OPC is a leading provider of professional OPC software and services with over 20 years of experience in the field. OPC and OPC UA (Unified Architecture) are communications standards used especially by industrial and high-tech companies.
Newest blog posts
Introducing Prosys OPC UA Edge
The very first blog post about Prosys OPC UA Edge. The article introduces the main features and functionalities of the EDGE software.
Windows DCOM Hardening And OPC Classic Applications
How do the Windows DCOM hardening changes affect your OPC Classic applications.
OPC UA vs MQTT (or OPC UA over MQTT)
Our input on the debate of the differences between OPC UA and MQTT and how actually there is competition.