Log4Shell Vulnerability workaround fix 

Applying the workaround:

For all Morphisec on-premises customers, in order to have a temporary workaround to the Log4shell vulnerability on the Morphisec Server, please execute the following steps:

1.  Navigate to the Morphisec Server folder and edit the morphisec-server.xml file found (by default) in:

C:\Program Files\Morphisec Server\managementServer

2.  In the morphisec-server.xml file, add the following string at the location seen in the following screenshot:

<argument>-Dlog4j2.formatMsgNoLookups=true</argument>

3.  Make sure to save the file.

4.  Open “Services” and restart the Morphisec Server service. The Morphisec Server now has the configuration to mitigate a Log4shell exploit.

Please ensure that you have Morphisec installed on all of your servers to minimize risk of lateral movement that may result from similar types of attacks.

For any further help, please contact us at support@morphisec.com

The Morphisec Customer Success Team

 (Support@morphisec.com)