Patch available to replace vulnerable log4j in ICSD Desktop and ICSD Intranet (Release version 2021.2)
On 10 December 2021, the German Federal Office for Information Security (BSI) warned of a critical vulnerability in a Java library. Affected is Log4j, a component administered by the Apache Foundation for recording so-called log entries. Mainly affected is Log4j in versions 2.0 to 2.14.1. This library is also used in the latest ICSD Desktop and ICSD Intranet version 2021.2. We provide a file to replace the vulnerable log4j version with the latest version 2.17. Please download the patch and follow the instructions in the accompanying file.