Log4j flaw attack levels remain high, Microsoft warns

Microsoft has warned Windows and Azure customers to remain vigilant after observing state-sponsored and cyber-criminal attackers probing systems for the Log4j ‘Log4Shell’ flaw through December.

Disclosed by the Apache Software Foundation on December 9, Log4Shell will likely take years to remediate because of how widely the error-logging software component is used in applications and services.

Microsoft warns that customers might not be aware of how widespread the Log4j issue is in their environment.

Read more…
Source: ZDNet