A zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public on December 9, 2021, and proof-of-concept code has already been released on GitHub. Several attacks utilizing this vulnerability have been reported (such as the chat functionality in many Minecraft servers). Proper execution of the vulnerability can result in remote code execution (RCE).

Our Software Engineering team has audited our code for all versions of VT Docs and VT Writer, both Cloud and On-prem, and determined that our products are NOT affected by this critical vulnerability.

Please feel free to reach out to our support team at support@visiblethread.com with any questions or concerns!