Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation
CVE-2021-44228, also called Log4Shell, is an easily exploitable flaw in Apache Log4j, a Java-based logging tool used in many enterprise applications. The vulnerability allows remote code execution without authentication and primarily affects Apache Log4j versions from 2.0-beta9 to 2.14.1. Its exposure has set off a scramble among companies to secure their software. Experts warn that its scope and impact are still under review as new vulnerable systems continue to be identified.