Log4J has been fixed by Apache Software foundation

Due to an actively exploited zero-day vulnerability: https://thehackernews.com/2021/12/extremely-critical-log4j-vulnerability.html This bug is a 10 of 10 on the CVSS rating from the article a snippet: Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote code execution (RCE) on any application that uses the open-source utility and affects … Read more

Always Patching Or else What Happens?

Yes there are rumblings of the ZeroLogon issue at Threatpost articles: Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors. Dark Reading article: One year later…  a look back at Zerologon!   For August 2021 patch Tuesday (August 10th) 120  vulnerabilities are fixed including 2 zero -days and one elevation-of-privilege  flaw in Netlogon remote protocol.  … Read more