On December 09, 2021, a zero-day exploit affecting the popular Apache Log4j utility (CVE-2021-44228) was made public. The vulnerability allows for unauthenticated remote code execution. Log4j 2 is an open-source Java logging library developed by the Apache Foundation. Log4j 2 is widely used in many applications and is present as a dependency in many services. These include enterprise applications as well as numerous cloud services.

None of TAO Solutions’ software products (MortgageHub, SecureHub, LeaseSpark) make use of the Apache Log4j library and are not vulnerable to such attacks.

For any additional questions or inquiries, please direct them to your designated account manager.