Happy Meter

biometrics

biometrics

Well-Known Member
Joined
Oct 17, 2019
Messages
20,332
Düber said:
Did that and found some in my Arduino IDE (ver 2.12.0), according to this

github.com

log4shell/software at main · NCSC-NL/log4shell

Operational information regarding the log4shell vulnerabilities in the Log4j logging library. - log4shell/software at main · NCSC-NL/log4shell
github.com github.com

there is a fix that was implemented.
If I stay up to date am I all good then?
Click to expand...
Though it is good to fix it, if you don't have a web server or similar accessablity from the internet you won't be affected. This is a direct access exploit.
 
S

Sinbad

Well-Known Member
Joined
Jun 23, 2020
Messages
1,736
biometrics said:
Though it is good to fix it, if you don't have a web server or similar accessablity from the internet you won't be affected. This is a direct access exploit.
Click to expand...
Not necessarily. You could import a project that writes something dodgy to your log file and pwns your system.

But the fix is well known and effective
 
biometrics

biometrics

Well-Known Member
Joined
Oct 17, 2019
Messages
20,332
Sinbad said:
Not necessarily. You could import a project that writes something dodgy to your log file and pwns your system.

But the fix is well known and effective
Click to expand...
Pretty unlikely. But yes always good to apply patches.
 
You must log in or register to reply here.
Top