The patch comes as attempts to exploit the zero-day vulnerability began to ramp up worldwide, and was badly needed as there were no other viable remediation techniques to stop remote code execution.
New studies from FireEye Mandiant Threat Intelligence and Google’s Project Zero found that 2021 was a record year for zero-day vulnerabilities, more than doubling the amount seen in 2020.
Many organizations affected by Log4j’s zero-day vulnerability with mass internet scanning detected, suggesting the remote code execution flaw was actively targeted in the wild.