Web Content Viewer (JSR 286)- Asponte Custom Skin


Security Vulnerability: Logj4 Update from Konica Minolta

Update: January 21, 2022

You may be aware that Apache disclosed a Log4j critical vulnerability in a commonly used Java logging library utilized by many forms of software. Identified as CVE-2021-44228, if exploited, this vulnerability allows remote code execution on vulnerable systems, giving an attacker the ability to import malware that allows them to take control of targeted systems. This is a serious issue impacting a significant number of applications, as it is commonly used by many Java installations.

Konica Minolta has tested and evaluated our internal applications and infrastructure, and we have remediated impacts to our externally facing systems. We are awaiting updates from our support vendors on tools used internally. Frequent updates to corporate security tools and heightened security monitoring have helped to minimize open issues and ensure our systems are secure. None of the current or past Konica Minolta office bizhub MFPs, including the new iSeries products are subject to this vulnerability. We have identified that a firmware upgrade for various production print systems with the IC controller may be impacted if the controller is externally facing. Despite the fact that the majority of these systems are behind a closed network, Konica Minolta technicians will be proactively reaching out to customers to schedule a service call to upgrade their firmware. Production print systems with the CREO and EFI controllers are not impacted. We are continuing to test our production and industrial print systems and would recommend you check this site for on-going updates.

We are actively continuing to investigate any potential impact from third party partner solutions. Some of our partners have provided updates for the following software applications:

•  Kofax Products and Apache Log4j2 Vulnerability Information
•  Papercut Log4Shell (CVE-2021-44228)
•  Pharos Products and Log4j Exploit
•  YSoft SafeQ6 Security Issue Reporting

Konica Minolta will continue to actively monitor this situation and the impact that this may have on any and all of our integrated technologies.

Our award-winning IT Services team at IT Weapons can help you to discover weaknesses, simulate real-world attacks and build better defenses for your business. If you have any questions or concerns related to the Log4j critical vulnerability, concerned with the security of your current environment, or would like remediation for your application infrastructure, please contact us at info@bt.konicaminolta.ca.

About Konica Minolta

Konica Minolta Business Solutions (Canada) Ltd. is reshaping and revolutionizing the Workplace of the Future™ (www.reshapework.ca). With our comprehensive portfolio, we deliver solutions to leverage mobility and cloud services and optimize business processes with workflow automation. Konica Minolta's IT Services Division offers a range of IT strategy, support and network security solutions across all verticals. Konica Minolta has been recognized by Brand Keys as the #1 Brand for Customer Loyalty in the MFP Office Copier market for 14 consecutive years. Konica Minolta, Inc. has been named to the Dow Jones Sustainability World Index for nine years in a row. We partner with our customers to give shape to ideas and work to bring value to our society. For more information, please visit www.konicaminolta.ca and follow Konica Minolta on LinkedIn, YouTube, Facebook and Twitter (@KonicaMinoltaCA), and Instagram!


Konica Minolta Media Relations – Canada
Marketing Department, Konica Minolta Business Solutions (Canada) Ltd.