Log4j - Older app on Windows server using JRE 1.8.0.x - is it impacted?

log4j

I can't find any info on whether specific versions of JRE are impacted? The app on my Windows Server 2012 uses JRE 1.8.0.x (1.8.0_91) but not sure if if uses Log4j logging service. Can anyone help clarify because oddly, I can't find anyone explaining this. Thanks much!!


Solution 1:

The JRE version is not really relevant. The security issue is not in the JRE, it's in a third party library that is used by Java applications. The library is not shipped with the JRE, it's shipped with the application. You need to check the version and the release notes and security notices of your application, not the JRE.

Related

What would initiate MariaDB to start to resolve IP addresses?
Nginx not showing 404 when attempting a nonexistent folder
How many KVM make sense to run ? (Proxmox) [duplicate]
Network layer communication with multiple hosts with the same IP but different MAC addresses
How to stop Let'sEncrypt checking my domain for acme-challenge
How can I save in Ansible variable the output from a bash command?
Intransitive use of "to wake" vs. "to wake up" [closed]
Is it correct to say "files from 3 days ago" or "files of 3 days ago"?
Using only a direct object with the verb "give"
Is "we contribute ..." bad style in scientific writing?
Is there a word? [closed]
How to make these sentences passive: 'People believe that Jenkins is the culprit.' and 'People believed that Jenkins was the culprit.' [closed]