Updated Guidance on Addressing Log4J CVEs

The Apache Software Foundation provided updated guidance that the patch to fix Log4Shell (version 2.15.0 and below) was insufficient – a new update (version 2.16.0) fixes these issues. In addition, it was also confirmed that updating JVM settings can be overridden by attackers and is no…

Source: securityboulevard.com – Read more