About the Log4j Vulnerability

This week many organizations went through the scare caused by critical security vulnerability of commonly used Apache Log4j Java-based logging utility. Shortly after Apache announcement attackers in the wild began exploiting the Log4j vulnerability, prompting government cybersecurity institutions worldwide, including the US Cybersecurity and Infrastructure Security Agency, to issue alerts urging organizations to patch their systems immediately. The majority of Java-based decisioning platforms quickly provided advices and updates to their customers. Make sure that your application is safe by relying on the latest Log4J Release 2.16.0 (not 2.15.0!) that mitigates this vulnerability. Link

This entry was posted in Open Source, Software Development. Bookmark the permalink.

1 Response to About the Log4j Vulnerability

  1. jacobfeldman says:

    On Dec.18 Apache released new 2.17.0 patch for Log4j to solve another vulnerability that may cause denial of service: https://www.zdnet.com/article/apache-releases-new-2-17-0-patch-for-log4j-to-solve-denial-of-service-vulnerability/

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s