Apache has published a security advisory to address a critical vulnerability, tracked as CVE-2021-44832 that can allow remote actors to take full control of an affected system. It is recommended that you take the necessary precautions by ensuring your products are always updated.
For more information on this update, you can follow this URL:
https://logging.apache.org/log4j/2.x/security.html
The Guyana National CIRT recommends that users and administrators review this update and apply it where necessary.
PDF Download: Apache Security Advisory.pdf
References
Apache security advisory (28th December 2021). Retrieved from thehackernews.
https://thehackernews.com/2021/12/new-apache-log4j-update-released- to.html
Apache security advisory (28th December 2021). Retrieved from National Vulnerability Database.