Patch systems vulnerable to critical Log4j flaws, UK and US officials warn

Image: Getty Images. Article by Dan Goodin.  Ars Technica – January 7, 2022.

Criminals are actively exploiting the high-severity Log4Shell vulnerability on servers running VMware Horizon in an attempt to install malware that allows them to gain full control of affected systems, the UK’s publicly funded healthcare system is warning. CVE-2021-44228 is one of the most severe vulnerabilities to come to light in the past few years. It resides in Log4J, a system-logging code library used in thousands if not millions of third-party applications and websites. That means there is a huge base of vulnerable systems. […]

Click here to view original web page at arstechnica.com