You may have heard or been a part of patching a major security issue this week with log4j

The Log4j flaw, disclosed by Apache last week, allows attackers to execute code remotely on a target computer, meaning that they can steal data, install malware or take control.

Every Log4j version published between September 13, 2013 and December 5, 2021 is vulnerable.

The Apache Software Foundation, developer of Log4j, published an emergency patch to fix the vulnerability. We might not know about companies that have been exploited for months or longer.