Log4j remote code vulnerability (CVE-2021-44228; CVE-2021-45046; and CVE-2021-45105)
This page was last updated on Tuesday 21 December at 9.45pm AEST
Since first detecting the potential vulnerability in the widely-used Java logging library Apache Log4j, Iress’ security and engineering teams have been comprehensively reviewing all aspects of our software.
Overall, Iress’ software has been deemed safe from the vulnerability. In some limited and specific cases use of the impacted library has been identified and these instances have been remediated. We have also reviewed Iress' use of third party software and are implementing the recommended changes from those external vendors.
Importantly, our testing has not detected any compromisation of our technology, systems and data.
For information on specific products, please contact your Iress account manager.
Iress is a technology company providing software to the financial services industry. Our software is used by more than 9,000 businesses and 500,000 users globally.
At Iress we are committed to ensuring that your experience using our community gets better. Did you find what you were looking for today?
We will use your feedback only for the purposes in which it was intended; to improve our products and services to you. At Iress, we always respect your privacy. To view our privacy notice, please visit our website