Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE

Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell), in the Apache Log4j Java-based logging library. p0rz9 revealed that the CVE-2021-44228 can only be exploited if the log4j2.formatMsgNoLookups option is set to false. The Log4j is widely … Continue reading Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE