Microsoft updated several Defender solutions to defend users against exploits of Log4j. Among other things, the updates allow companies to identify and resolve Log4j vulnerabilities faster.

Specifically, Defender for Containers and Microsoft 365 Defender solutions underwent a change. Among other things, the updates allow Defender for Containers to discover container images that are vulnerable to exploits of Log4j.

Log4j update Defender for Containers

Defender for Containers now discovers images that are compromised by Log4j and allow remote code execution. Containers images are automatically scanned for vulnerabilities when pushed to an Azure container registry, when pulled from an Azure container registry and when running in a Kubernetes cluster.

Update for Microsoft 365 Defender.

As for Microsoft 365 Defender, a dashboard was added to display threats and potential vulnerabilities within Log4j. Through this dashboard, companies can identify and address relevant threats across files, software and devices.

New functionality is supported on Windows, Windows Server and Linux. Note that Linux support requires end users to update their Microsoft Defender for Endpoint Linux client to version 101.52.57 or any version released after 101.52.57. Although macOS support isn’t available yet, Microsoft states it will be shortly.