“The internet’s on fire right now," said Adam Meyers, senior vice president of intelligence at the cybersecurity firm Crowdstrike. It was uncovered in a utility that's ubiquitous in cloud servers and enterprise software used across industry and government. The vulnerability, dubbed ‘Log4Shell,’ was rated 10 on a scale of one to 10 the Apache Software Foundation, which oversees development of the software. Meyers and security expert Marcus Hutchins said Minecraft users were already using it to execute programs on the computers of other users by pasting a short message in a chat box. Microsoft said it had issued a software update for Minecraft users.

Source: CBC News December 11, 2021 02:04 UTC