“The Log4j vulnerability is the most serious vulnerability I have seen in my decades-long career.”
– Jen Easterly, Security Director of the U.S. Cybersecurity and Infrastructure Security Agency
Just as Java is everywhere, Log4j is everywhere within Java.
Discovered in December 2021, a security vulnerability in Apache’s Log4j allows widespread exploitation of remote code execution (RCE). Simply put, an unauthenticated remote actor could exploit this vulnerability to take control of an affected system and embed malware.
This guide provides: