submitted by krajewsk@augsburg.edu
Here’s an update on our response to the log4j vulnerability that has been in the news this past week. As soon as it was announced last weekend our systems team started to identify which systems may be impacted by it. On Monday once vendors began releasing fixes or patches we started applying them to any of our affected systems. Because log4j is a Java component we had a relatively low exposure because we have relatively few Java systems.