Links are provided to jump to the content below: To help customers protect themselves, we are also providing the following product specific guidance to help customers improve their security posture. As we continue our investigation, we will notify affected parties if we identify any impact to customer data. If you are using any Microsoft services other than those explicitly listed in the CVE, no action is required by you at this time. Customers are encouraged to apply these updates as quickly as possible. Our security teams have been analyzing our products and services to identify and mitigate any instances of CVE-2021-44228 and CVE-2021-45046 in Apache Log4j 2.Īffected Microsoft products requiring customer action have been released in our Security Update Guide – CVE-2021-44228. Currently, Microsoft is not aware of any impact, outside of the initial disclosure involving Minecraft: Java Edition, to the security of our enterprise services and has not experienced any degradation in availability of those services as a result of this vulnerability. Microsoft continues our analysis of the remote code execution vulnerabilities related to Apache Log4j (a logging tool used in many Java-based applications) disclosed on.
Published on: 2021 Dec 11, updated 2022 Apr 6.
0 kommentar(er)
