...
BrightSign will continue to monitor further security developments and employ new mitigations when appropriate.
Java Apache Log4j
BrightSignNetwork.com, BSN.Cloud, BSNEE, and BrightAuthor:connected do not use log4j and are not impacted by the related vulnerability.
BrightSign OS does not contain Java. We do package the Java runtime as an extension: any customers who use the Java extension should audit their application to confirm if they use log4j, and if so, use a patched version that is not susceptible to CVE-2021-44228.
BrightSign Network
All BSN servers are hosted using Amazon Web Services (AWS). Amazon has patched all instances on their EC2 service to protect from the Meltdown and Spectre vulnerabilities.
...