InfoWorld

How to detect the Log4j vulnerability in your applications

A bug in the ubiquitous Log4j library can allow an attacker to execute arbitrary code on any system that uses Log4j to write logs. Does yours? Yesterday the Apache Foundation released an emergency ...
ZDNet

Log4j: Major IT vendors rush out fixes for this flaw and more ahead of Christmas

The holiday season is shaping up to be busy for those patching systems affected by the critical flaw in the Log4j Java application error logging library. Since ...
ZDNet

Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability

Apache said version 2.16 "does not always protect from infinite recursion in lookup evaluation" and explained that it is vulnerable to CVE-2021-45105, a denial of service vulnerability. They said the ...