Datto Holding Corp. is encouraging all MSPs to download a free script that it has developed and made available on GitHub for any Remote Monitoring and Management solution. This Endpoint Assessment Tool can uniquely enumerate potentially vulnerable systems, detect intrusion attempts, and inoculate Windows systems against Log4j attacks. A serious zero-day vulnerability in the Apache Log4j logging framework was disclosed. The bug, which allows malicious actors to exploit vulnerable systems remotely, has been given the highest severity score, and governments globally have issued alerts. Within the critical 24 to 48 hour period following the disclosure of the vulnerability, Datto first declared its products safe for use. Datto immediately began sharing active threat intelligence with the MSP community about attacks it observed to help MSPs understand the Log4j threat and how it was being exploited. Datto packaged quality contributions from the security community into an MSP-friendly form and released two different versions of an Endpoint Assessment Tool to help Datto partners and all MSPs detect and respond to potential exploitations. The adoption of the component created for Datto RMM has been utilized by almost 50% of all Datto RMM partners, which represents millions of scans of endpoints by MSPs for vulnerabilities at client-sites that are small and medium businesses. Unlike other scanners, scripts, and tools made in the wake of Log4Shell, which only scan the system for insecure JAR files, Datto’s tool goes a step further. It provides the ability to search the contents of server logs to detect intrusion attempts as well as inoculate Windows systems against Log4j attacks. Weeks provides the following advice for MSPs: update all Java applications which use Log4j, Restrict outbound network access from affected hosts so Java classes can not be downloaded from remote locations, Talk to vendors about their posture with regards to Log4j and how they are assessing their own vendors.