If log4J is only for SQL 2019 and not for prior versions of SQL

Gudala, v s s GayatriKumar 1 Reputation point


Our application is using SQL 2019 Express. After installation of SQL 2019 SQL 2019 Express edition RTM (15.0.2000.5) Log4J components are found under "C:\Program Files\Microsoft SQL Server\150\DTS\Extensions\Common\Jars". We did our analysis and understood that SQL 2019 Express edition RTM (15.0.2000.5) is placing these Log4J binary in "C:\Program Files\Microsoft SQL Server\150\DTS\Extensions\Common\Jars" folder.

However, after installation of SQL 2017 Express edition (14.0.1000.169) the Log4J components are not found in the installation location. There is a vulnerability reported associated with Log4J, so we want to avoid rid of Log4J

Q: Does only SQL 2019 Express edition RTM (15.0.2000.5) installs Log4J components?
Q: Can we know the steps to avoid Log4J components during installation as we don’t require java components for our application?
Q: In the future release of SQL , will Log4J continue to exist.

Kindly resolve these questions soon.


SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
12,601 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Tom Phillips 17,716 Reputation points
    1 person found this answer helpful.
    0 comments No comments

  2. Seeya Xi-MSFT 16,436 Reputation points

    Hi @Gudala, v s s GayatriKumar ,

    Please read the blog as Tom post which is a official response.
    The published list shows affected products only. If a product you seek information on is not listed there, it is because it is not impacted by CVE–2021–44228 or CVE–2021–45046 at the time of this publication. Microsoft continuously monitors for potential threats. For products and services not listed, no action is required by you at this time.

    Best regards,

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments