Microsoft’s Minecraft has already issued a statement on how users can update the game to avoid the issue. Who all are impacted by Log4j?Īccording to cybersecurity firm LunaSec, many services are vulnerable to the Log4Shell exploit, including gaming service Steam, Apple’s iCloud, etc. The technical definition in the CVE library states that “An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.” The worrisome part here is that the exploit has likely been used by hackers to gain access to certain computer systems, and now that the exploit is in the open, companies will have to patch it soon.Īccording to reports, the problem appears to have been patched for everyone on Log4j 2.15.0 and above as the behaviour has been disabled by default. Read more | Critical flaw in crypto wallets on NFT marketplace OpenSea discovered: Check Point Security
0 kommentar(er)
