This article addresses a concern raised regarding a security vulnerability that impacts Apache web services. We'll explain the issue, and how it can potentially impact your office.
What's the Issue?
The Apache Software Foundation, authors of a large number of software products, created a tool by the name of Log4j (pronounced "Logforge") to essentially record how programs run. This is largely used for code auditing and to investigate bugs. It's a routine tool included in a wide variety of products for PC and Mac.
...
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
Is MacPractice vulnerable to this exploit?
Thankfully, MacPractice itself does not utilize this tool. MacPractice does make use of the Apache HTTP server to manage both internal and external communications. However, Log4j and HTTP server are completely different projects. MacPractice also does not make use of Java in any of our underlying code.
...