Severe alert issued on an actively exploited Log4j vulnerability

A vulnerability was published on 10th December 2021 linked to the Log4j component. It could allow attackers to execute arbitrary commands on an application server. Users cannot fix the vulnerability, and system administrators need to take protective measures, including updates and investigating the extent of exposure. Finnish organizations are under investigation and there are no easily detectable ways for services like Steam or iCloud to find out their vulnerability.