The Log4j vulnerability, discovered in a widely used software library, is currently causing a stir, as security researchers rush to close any gap while cyber criminals rush to exploit the vulnerability.
Security researchers fear that the rate of abuse could soar, as the Log4j vulnerability stems from a popular open source product that helps software developers track changes in the applications they build.
The head of CISA described the vulnerability as one of the deadliest in years. Companies have therefore been warned to ensure that some workers are available while on leave to ensure that the vulnerability is effectively addressed and remedied.
Although Apache, the vendor of Log4j, has recently released a partial fix to fix the vulnerability, much remains to be done. At the moment, affected companies and security defenders need time to locate the vulnerability and also to install patches.