Google Ads unaffected by Log4j vulnerability

Posted On 15 Dec 2021

Comment: Off

However, if you are using an Ads API Client Library and Apache Log4j versions 2.0 to 2.14.1, you should upgrade to the patched version 2.15.0.

Google Ads and Google Marketing Platform are not using versions of Log4j affected by the CVE-2021-44228 vulnerability, the company announced on Monday.

Why we care

Although Google Ads and Google Marketing Platform aren’t using vulnerable versions of Log4j, marketers that have built their own API integrations with any of the Google APIs should ensure that whatever they are using isn’t affected by the CVE-2021-44228 vulnerability.

Additionally, if you are using an Ads API Client Library and Apache Log4j versions 2.0 to 2.14.1, you should upgrade to the patched version 2.15.0, Google said on its developer blog.

More on the news

“Our security teams are investigating any potential impact on Google products and services and are focused on protecting our users and customers,” Google said.
The flaw, which was discovered on December 9, may allow hackers to attack unpatched Apache servers in order to take control of a system.
“To be clear, this vulnerability poses a severe risk,” Jen Easterly, director of the U.S. Cybersecurity and Infrastructure Security Agency, said in a statement, “We will only minimize potential impacts through collaborative efforts between government and the private sector. We urge all organizations to join us in this essential effort and take action.”

Google Ads unaffected by Log4j vulnerability

However, if you are using an Ads API Client Library and Apache Log4j versions 2.0 to 2.14.1, you should upgrade to the patched version 2.15.0.

Why we care

More on the news

About the Author

Video: Brian Ussery of Razorfish on SEO for e-commerce sites

Avoid an identity crisis by getting to know your customers