Dec 17, 2021, 7:02 pm EST | 3 min read A critical exploit in widespread Java library has been found, disrupting much of the internet as server admins scramble to fix it. The vulnerable component, log4j, is used everywhere as an included library, so you will need to check your servers and make sure they’re updated. How Does This Exploit Work? As far as exploits go, the log4j ulnerability is by far one of the worst in the last few years, scoring a rare 10/10 on the CVSS scale, and is going to haunt the entire internet for many years to come. What’s worse is that log4j isn’t an application—it’s an open source library used by many other applications. You may not have it installed directly; it might be included in other .jar files, or installed by other applications as a dependency. Essentially, it allows attackers to send text to your application, and if it logs it som… Click below to read the full story from How To Geek
Read More
How to Check If Your Server Is Vulnerable to the log4j Java Exploit (Log4Shell)
