Security News > 2022 > December > A year later, Log4Shell still lingers
72% of organizations remain vulnerable to the Log4Shell vulnerability as of October 1, 2022, Tenable's latest telemetry study has revealed, based on data collected from over 500 million tests.
"While an organization may have been fully remediated at some point, as they've added new assets to their environments, they are likely to encounter Log4Shell again and again. Eradicating Log4Shell is an ongoing battle that calls for organizations to continually assess their environments for the flaw, as well as other known vulnerabilities."
Other key findings 28% of organizations across the globe have fully remediated Log4Shell as of October 1, 2022, a 14-point improvement from May 2022.
53% of organizations were vulnerable to Log4j during the time period of the study, which underscores the pervasive nature of Log4j and the necessary ongoing efforts to remediate even if full remediation was previously achieved.
As of October 2022, 29% of vulnerable assets saw the reintroduction of Log4Shell after full remediation was achieved.
Nearly one third of North American organizations have fully remediated Log4j, followed by Europe, Middle East and Africa, Asia-Pacific and Latin America Similarly, North America is the top region with the percentage of organizations that have partially remediated, Europe, Middle East and Africa, Asia-Pacific, and Latin America.