News and Announcements

Zoom - Log4j vulnerability mitigation 12/16/21

Posted: 2021-12-16 15:51:08   Expiration: 2021-12-23 15:51:08

Disclaimer: This news item was originally posted on 2021-12-16 15:51:08. Its content may no longer be timely or accurate.

Zoom reports: "On December 9, 2021, a vulnerability identified as CVE-2021-44228 was disclosed in the Apache Log4j Java logging library affecting all Log4j versions prior to 2.15.0. Upon becoming aware of the initial vulnerability disclosure on December 9, Zoom’s Security Team immediately began investigating. We applied Apache’s recommended mitigations to Zoom systems identified at that time as running a vulnerable version of Log4j. "

For more information, see: Zoom Security Bulletin for CVE-2021-44228 and CVE-2021-45046

-- UWSA DLE: Thomas Arendalkowski