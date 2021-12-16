But the problem does not seem to stop there. According to Praetorian security researchers, there is a third independent Log4j vulnerability. This bug, which is not fixed by version 2.15.0 either, may allow the leakage of confidential data. At the moment they have not given more technical data to avoid its exploitation.

This new vulnerability has been registered as CVE-2021-45046 . A hypothetical attacker could carry out denial of service. This new issue comes after the original fix for the Log4Shell vulnerability was incomplete in certain non-default configurations.

Cloudflare has warned that cybercriminals are beginning to exploit a second vulnerability in Log4j. They indicate that it is essential that users have the latest version 2.16.0, since otherwise they would be vulnerable. Keep in mind that version 2.15.0 came to correct the initial failure, but it is not enough anymore.

These failures that we mentioned can put industries of all kinds at risk worldwide. It is a widely used registry library, so many can be affected.

Once again, installing the latest version is the best possible solution to be protected against this new vulnerability in Log4j. This is the second that we see in a matter of days and, as we have explained, it makes the previous patch released, version 2.15.0, not effective to correct this new problem.

So what can we do to be protected? There is no choice but to update again, this time at the version 2.16.0. This will protect us from this second attack that can cause denial of service and compromise proper operation.

However, as we have seen, there may be a third vulnerability let it start to be exploited. A new update will need to be reinstalled shortly to correct this vulnerability once again.

In short, Log4j is once again present in a new vulnerability. It is a bug that is being actively exploited, but for which there is already a patch with update 2.16.0 that all users should install as soon as possible to avoid problems.

