A Log4J Vulnerability Has Set the Internet ‘On Fire’

The US Cybersecurity and Infrastructure Security Agency and Australia’s CERT alerted users of a critical vulnerability in Apache’s Log4j, a widely-used logging library, which is being actively exploited. The problem is exacerbated by the prevalence of legacy software and the complexity of patching in live services, resulting in many scrambling to implement fixes. Experts emphasise the challenges of addressing security risks in interdependent software systems. The priority is identifying the extent of the problem.