Log4j has been patched and a new version made available today, but many servers have not updated their Java or Apache builds yet to incorporate it. Many servers running the open-source Apache software also use Log4j.
It could let an attacker gain remote control of any client machine logged into a server running a Java instance using a vulnerable version of Log4j. 9) to have an extremely serious security flaw. This security flaw isn't in Minecraft itself, but in the Java environment that Minecraft Java Edition uses to be cross-compatible on Windows, Mac and Linux.Ī widely used open-source logging utility called Log4j was found yesterday (Dec. "Some of the major servers like 2b2t and Mineplex have shut down, and larger servers that haven't shut down yet are pure chaos right now." This problem goes far beyond Minecraft Anyone can send a chat message which exploits everyone on the server and the server itself, because every chat message is logged," wrote commenter createonez on the Hacker News forum earlier today. "This exploit is quite severe on Minecraft Java Edition. If you got the Windows version of the game from the Microsoft online store, or you're playing Minecraft on iOS, Android or a gaming console, then you're running the Bedrock Edition and you're not in any danger.
Generally, if you downloaded your Minecraft software for Windows from the Minecraft website, or you're using a Mac or Linux box, you're running the Java Edition. That edition is not based on Java and runs on Windows, mobile devices and game consoles. Nor does the flaw seem to affect Minecraft Bedrock Edition, aka just Minecraft.
0 kommentar(er)
