Contact

Please get in touch. We will be pleased to assist you.

Go to contact form

Newsletter

+49 89 68004 - 0
 (Mon. to Fri., 8:00 am to 5:00 pm)

kontakt@pcs.com

PCS Locations

Service & Repair

Device Repair Order Form

+49 89 68004 - 666
 Mon. to Thurs., 8:00 am to 5:00 pm
Fri., 8:00 am to 4:00 pm

Questions about software: software-support@pcs.com

Questions about hardware /
other questions: support@pcs.com

Our partner

PCS works with approximately 100 software and system house partners from all over the world. They offer security solutions based on INTUS products and addressing all areas of production data collection and security technology.

Solution partner

Installation partner

Career

We are constantly looking for new, committed colleagues to strengthen our team.

Our open jobs

Contact
Andrea Scholz
Personalreferentin Recruiting

+49 89 68004 - 0

from 17.12.2021

Latest information on the BSI security alert: Java log4j

Latest Update: 2022/01/24

 

The German Federal Office for Information Security (BSI) has published information about a critical vulnerability in the Java log4j library. PCS has taken action and has checked its software products accordingly.

We have already informed you how to use the system property log4j2.formatMsgNoLookups to quickly minimize the risk. Further research by the Apache Software Foundation has shown that it is necessary to update to log4j version 2.16.0 to completely eliminate the risk. If you have already performed the first recommended action, this does not need to be reversed.

 


Updated jar file with log4j version 2.16.0 is available
As already communicated, the Java log4j library is included in the HTTPS server of INTUS COM 3.4 and INTUS COM 3.5. We provide - as recommended by the Apache Software Foundation (https://logging.apache.org/log4j/2.x/security.html) - an updated jar file including the secure log4j library version 2.16.0 for replacement in your system. This jar file and the instructions for replacing this file are available for download. You can also find it in the PCS Support Center.

Further analysis of DEXICON 5.1 to 5.4 brings pleasant result
Deeper analysis has shown that the DEXICON 5.4 components themselves do not contain the security-critical log4j core library. However, DEXICON always includes INTUS COM. Only for DEXICON installations with versions 5.1 to 5.4 it should be noted that the INTUS COM HTTPS server could be installed as an optional component. We therefore recommend that customers with DEXICON versions 5.1 to 5.4 check whether the INTUS COM HTTPS server has actually been installed. In this case, we also recommend replacing the jar file in your system.

New DEXICON and INTUS COM version as of 22/01/12
We will also provide corresponding patches for the current versions of DEXICON and INTUS COM from 22/01/12 - as already announced - which will contain the secure log4j with version 2.16.0. These will be the versions DEXICON 5.4.3 and INTUS COM 3.5.2. With the installation of these versions the upgrade to the log4j library version 2.16.0 is done automatically and the security gap is reliably closed.

In general, we would like to inform you as quickly and transparently as possible. We have created a complete list of PCS software products, which shows which products/product versions are verified safe or affected, including recommended solutions. This list is also available for download and in the PCS Support Center. With regard to third-party applications, we are in close coordination with the respective manufacturers. We update this list regularly according to the current state of knowledge.

Downloads

Info Paper List of PCS Products
pdf / 86 KB
Download
Info Paper Fixing Security Gap Java log4j
pdf / 1 MB
Download

Your PCS Contact

Susanne Plank
Press

Phone.: +49 89 68004 - 0

Email: presse@pcs.com

Go to contact form
Susanne Plank, Presse
* required fields!