Minecraft and other apps face serious threat from Log4j code execution bug
https://arstechnica.com/information-technology/2021/12/minecraft-and-other-apps-face-serious-threat-from-new-code-execution-bug/
A newly discovered vulnerability affecting Java versions of Minecraft makes it possible for miscreants to execute malicious code on servers and end-user devices running the wildly popular game, several websites said on Thursday.
And as if a vulnerability of this magnitude in the world’s best-selling game wasn’t serious enough, the breadth and immediacy of the bug may be worse still. Exploit code has become available for the underlying vulnerability, which resides in Log4j, a logging utility that’s built into some of the Internet’s most widely used development frameworks, all but ensuring that Minecraft isn’t the only major application to be affected.