log4j2 "biggest, most critical vulnerability of the last decade"

Log4Shell, a zero-day exploit in the popular Java logging library log4j2 has made cloud services such as Steam and Apple iCloud vulnerable, as well as apps like Minecraft. Some sources are saying this computing vulnerability may be “the single biggest, most critical vulnerability of the last decade – and possibly the biggest in the history of modern computing”.

I would suggest daily updating your computer/phone/tablet operating systems so that any recent security updates are implemented.

You can Google “log4j2” for recent articles. For example:

“pay attention to your internet properties. You should continue to use strong, unique passwords for your services. Add two-factor authentication to sensitive apps and emails that govern access to online financial transactions. Keep an eye on suspicious activity in those sensitive accounts, whether it’s email or home banking apps. While you’re at it, UPDATE ALL THE SOFTWARE ON YOUR DEVICES to the latest versions available. That includes operating systems and apps. As these companies deploy Log4j fixes, you’ll want to make sure you get them as fast as possible.”

EDIT: Discussion about Steam:


I have been reading about this on Arstechnica over the weekend and this exploit is bonkers.
It’s a good idea to remind everybody to update apps and browsers!


Thanks @markwr :heavy_heart_exclamation: :heavy_heart_exclamation: :heavy_heart_exclamation: