A vulnerability in the Java Apache Log4j library has been discovered and may be used to attack popular services, including Microsoft Minecraft, Valve Steam and Apple iCloud, among others.

Vulnerability Causes

The vulnerability, titled CVE-2021-44228 is considered a zero-day flaw and found in the library Log4j. The exploit is such that the attacker will have control over the servers and can perform code execution remotely.

Currently, companies are looking for ways to patch the exploit, including patches and assessing how it might impact their business.

CERT New Zealand has reported that the vulnerability is being used, with proof of concepts appearing on GitHub. Other Java versions, 11.0.1, 8u191, 7u201 and 6u211 are less affected but there’s also a chance it could be intruded.

Apple was alerted to the vulnerability existing on its iCloud platform, with security researchers claiming they were able to hack into the library successfully. In the meantime, major tech companies are currently working to patch the vulnerability.


Samantha is a senior news editor at iLounge. She has been covering the technology industry for over five years, writing about Apple, Google, and other major companies. Samantha has also worked as a reporter and editor for several other publications.