The Apache Foundation has released an emergency update for a critical zero-day vulnerability in Log4j. This is a widely used logging tool included in almost every Java application. The problem that the update has been issued to address is that a bug in the Log4j library could allow an attacker to execute arbitrary code on a system that is using Log4j to write out log messages. The update can be found here: https://logging.apache.org/log4j/2.x/security.html
Having had some real bad experiences with IT companies in the past it has been a breath of fresh air to have you and your team assisting all of my staff with any issues that have arisen.
- Tony King -