This article has been indexed from Fox-IT International blog
tl;dr Run our new tool by adding -javaagent:log4j-jndi-be-gone-1.0.0-standalone.jar to all of your JVM Java stuff to stop log4j from loading classes remotely over LDAP. This will prevent malicious inputs from triggering the “Log4Shell” vulnerability and gaining remote code execution on your systems. In this post, we first offer some context on the vulnerability, the released fixes (and their shortcomings), and … Continue reading log4j-jndi-be-gone: A simple mitigation for CVE-2021-44228
Read the original article: log4j-jndi-be-gone: A simple mitigation for CVE-2021-44228