Twitter Feed: Post

Twitter FeedDec 11, 2021, 11:41 PM

@travisthetechie ("Travis Smith") retweeted:

@volker_simonis ("Volker Simonis") wrote:

I've written a simple (i.e. standalone, no dependencies) Java program which patches JndiLookup.lookup() to return a fixed string and not parse its arguments. This should fix CVE-2021-44228 (i.e. RCE in Log4j) without restarting your JVM process. #Log4J

https://github.com/simonis/Log4jPatch