DHS review board says it could take years to fix government software vulnerability

Jared Gans

July 14, 2022 at 1:02 PM·1 min read

A vulnerability in software that governments and companies around the world use could take years to eliminate, according to a report from a Department of Homeland Security (DHS) review board.

The analysis states that a security engineer from the Alibaba Cloud Security team in China first reported the vulnerability to the Apache Software Foundation, a nonprofit organization that provides support for Log4j, the software.

The software collects and maintains information about system activity.

The DHS’s Cyber Safety Review Board concluded that the vulnerability will be “endemic” and may remain in systems for up to a decade or more.

The report notes that the board is not currently aware of any significant attacks on the Log4j software and that the exploitation of the software happened at lower levels than expected based on the vulnerability’s severity.

The report states that organizations spent significant resources to deal with the vulnerability, and the organizations that responded most effectively were the ones that understood their own use of the software and have the technical resources to manage assets, assess the risk that the vulnerability posed and mobilize response actions.

The board made a series of recommendations to Homeland Security Secretary Alejandro Mayorkas for actions that should be taken in the future.

The recommendations are categorized into four main focuses — addressing the continued risks of Log4j, adopting industry-accepted practices for managing vulnerabilities, building a more proactive model of vulnerability management and making investments for the country’s digital security in the future.

For the latest news, weather, sports, and streaming video, head to The Hill.

Yahoo Sports
Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race
The value of the Dolphins and Formula One racing is enormous.
Yahoo Sports
What scouts think of Bronny James' NBA prospects
The biggest question looming over the NBA draft combine this week: How will Bronny James do?
Yahoo Sports
2024 NBA Mock Draft 7.0: Who will the Hawks take at No. 1? Our projections for every pick with lottery order now set
With the lottery order set, here's a look at Yahoo Sports' projections for both rounds of the 2024 NBA Draft.
Yahoo Sports
NFL schedule release: Chiefs to host Ravens in 2024 season opener
Chiefs vs. Ravens on Sept. 5 will be a rematch of last season's AFC Championship Game.
Yahoo Sports
Your favorite WNBA rookies didn’t make the cut. So what’s their path back to the league?
For rookies who were waived, the climb to their pro dreams is steeper, but the path ahead is well-worn with trail markers of established success.
Yahoo Sports
The Spin: Making a call on 5 slumping fantasy baseball stars
All five of these hitters were drafted highly in fantasy baseball leagues. So far, they have not lived up to their ADPs — and that's an understatement. Scott Pianowski analyzes.
Yahoo Finance
Utility stocks are on fire — here are Wall Street analysts' top picks
Utility stocks are outperforming the broader markets. Here's a look at three top picks from analysts.
Yahoo Sports
Former MLB infielder, Little League World Series star Sean Burroughs dies at 43
The seven-year major leaguer collapsed while coaching his son's Little League game on Thursday.
Yahoo Sports
MLB Power Rankings: Phillies lead Dodgers, Braves as trio of NL contenders top this week's list
Here's a look at the rookies who have stood out on each team through the first quarter of the 2024 season.
Yahoo Sports
Where does Jared Goff’s $212M extension leave Dak Prescott and Cowboys?
In one scenario, Dallas makes Prescott the highest paid player in NFL history. In another, the Cowboys decline that commitment, at which point another team will make him the top paid player in NFL history.
Autoblog
Best used cars to buy in 2024: From trucks and SUVs to EVs
The best used cars to buy in 2024 include small and midsize cars, trucks, crossovers and SUVs, and even a couple of used electric cars.
Yahoo Finance
Here's 1 big investing mistake you are probably still making
Maybe a 5% CD isn't the best choice for your hard-earned money.
Yahoo Sports
The best RBs for 2024 fantasy football, according to our experts
The Yahoo Fantasy football analysts reveal their first running back rankings for the 2024 NFL season.
Yahoo Sports
Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’
The 2024 Yankees have rediscovered their bravado and hold the second-best record in the AL, thanks in large part to the superstar outfielder.
Yahoo Sports
LeBron James greeted with rousing ovation from Cavaliers fans while sitting courtside for Celtics game
LeBron James' offseason of intrigue continued Monday with a visit to Cleveland.
Yahoo Sports
Lions reportedly sign QB Jared Goff to 4-year, $212 million extension
The Detroit Lions have had a busy offseason, and that continued on Monday with the reported extension of quarterback Jared Goff.
Yahoo Sports
Architect of PGA-LIV framework agreement resigns in frustration: 'No meaningful progress' toward a deal
Jimmy Dunne cited 'no meaningful progress' being made in negotiations between the PGA Tour and LIV Golf as a reason for his resignation.
Engadget
The best budgeting apps for 2024
Budgeting apps can help you keep track of your finances, stick to a spending plan and reach your money goals. These are the best budget-tracking apps available right now.
Yahoo Sports
Six quarterback situations to worry about & three that are on the precipice | Zero Blitz
Jason Fitz, Charles Robinson and Frank Schwab talk about which quarterback rooms concern them and which they find interesting heading into the 2024 NFL season.
Yahoo Sports
Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'
Murray made a bad night on the court worse during a moment of frustration on the bench.

News

Life

Entertainment

Finance

Sports

New on Yahoo

DHS review board says it could take years to fix government software vulnerability

Recommended Stories

Dolphins owner Stephen Ross reportedly declined $10 billion for team, stadium and F1 race

What scouts think of Bronny James' NBA prospects

2024 NBA Mock Draft 7.0: Who will the Hawks take at No. 1? Our projections for every pick with lottery order now set

NFL schedule release: Chiefs to host Ravens in 2024 season opener

Your favorite WNBA rookies didn’t make the cut. So what’s their path back to the league?

The Spin: Making a call on 5 slumping fantasy baseball stars

Utility stocks are on fire — here are Wall Street analysts' top picks

Former MLB infielder, Little League World Series star Sean Burroughs dies at 43

MLB Power Rankings: Phillies lead Dodgers, Braves as trio of NL contenders top this week's list

Where does Jared Goff’s $212M extension leave Dak Prescott and Cowboys?

Best used cars to buy in 2024: From trucks and SUVs to EVs

Here's 1 big investing mistake you are probably still making

The best RBs for 2024 fantasy football, according to our experts

Juan Soto’s unapologetic intensity and showmanship are captivating the Bronx and rubbing off on teammates: ‘Literally every pitch is theater’

LeBron James greeted with rousing ovation from Cavaliers fans while sitting courtside for Celtics game

Lions reportedly sign QB Jared Goff to 4-year, $212 million extension

Architect of PGA-LIV framework agreement resigns in frustration: 'No meaningful progress' toward a deal

The best budgeting apps for 2024

Six quarterback situations to worry about & three that are on the precipice | Zero Blitz

Timberwolves coach Chris Finch calls Jamal Murray's heat-pack toss on court 'inexcusable and dangerous'