Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE

Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a┬áCVE-2021-44228┬á(aka┬áLog4Shell), in the Apache┬áLog4j┬áJava-based logging library. p0rz9 revealed that the CVE-2021-44228 can only be exploited if the┬álog4j2.formatMsgNoLookups┬áoption is set to┬áfalse. The Log4j is widely … Continue reading Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE