Apache log4j vulneraibilty-SQL Server

Shijin Nath 6 Reputation points
2021-12-19T12:48:03.423+00:00

Hello,
Does anyone know what is the patch for the below vulnerability?
158765-image.png

SQL Server | Other
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. YufeiShao-msft 7,146 Reputation points
    2021-12-20T02:09:30.39+00:00

    Hi @Shijin Nath

    For the most up to date information on this issue,please refer to the MSRC Advisory and Microsoft Security Threat Intelligence sites.

    Overall, Microsoft is aware of the log4j exploit, and actively working with all services to remediate any issues. The SQL Server does not have any known reliance on this vulnerable library.

    -------------

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    2 people found this answer helpful.

  2. Tom Phillips 17,771 Reputation points
    2021-12-21T14:32:30.77+00:00

    See this on the same subject:
    https://learn.microsoft.com/en-us/answers/questions/664855/sql-server-2017-log4j-found-within-commons-logging.html

    Those files are not affected by the problem.

    1 person found this answer helpful.
    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.