The U.S. Cybersecurity and Infrastructure Security Agency, the FBI and the National Security Agency have issued a joint advisory on the known vulnerabilities in the Apache Log4j software library. The advisory follows CISA’s emergency directive, issued Friday, overriding the previous deadline of Dec. 24 to patch or mitigate immediately. CISA Director Jen Easterly: “Log4j vulnerabilities present a severe and ongoing threat to organizations and governments around the world; we implore all entities to take immediate action to implement the latest mitigation guidance””]
Source: https://www.inforisktoday.com/cisa-international-partners-advise-all-orgs-to-patch-log4j-a-18183