So, I’ve seen a load of headlines today warning of a security weakness that was apparently identified on Friday. A bit surprised there’s no thread about it? Or is discussion happening somewhere and I just didn’t pick up on it?
The new vulnerability affects the widely used library Log4j which was created by apache. The Log4j vulnerability allows remote code execution by simply typing a specific string into a textbox. It was first discovered by Minecraft players but soon after it was realized that this vulnerability wasn’t just a Minecraft exploit, It works on every program using the Log4j library.
This is one of the worst vulnerabilities we have had in the last 10 years and this is just a very simple surface-level article if you are running Log4j I would recommend temporarily shutting down your application and looking deeper into how to fix the vulnerability.
Thats quite a statement… The Qt3 hivemind is pretty tech-savy, is this really that bad or is the media exaggerating things here?