ZDNet

Security company offers Log4j 'vaccine' for systems that can't be updated immediately

It is freely available on GitHub and Cybereason said it "is a relatively simple fix that requires only basic Java skills to implement." "In short, the fix uses the vulnerability itself to set the flag ...
Bleeping Computer

Log4j 2.17.1 out now, fixes new remote code execution bug

Apache has released another Log4j version, 2.17.1 fixing a newly discovered remote code execution (RCE) vulnerability in 2.17.0, tracked as CVE-2021-44832. Prior to today, 2.17.0 was the most recent ...