Apache Log4j vulnerability CVE-2021-44228
Patch My PC engineers are hard at work monitoring and releasing catalog updates as they are released by vendors, and the Patch My PC Publisher does not use the Log4J library.
Topics covered in this article:
Patch My PC Publisher
The Patch My PC Publishing Service application does not utilize the Log4j library.
Our terms of service list the in-use open-source software as dependencies in our software, which you can read here: https://patchmypc.com/terms-of-service
Patch My PC Catalog
If products in the Patch My PC catalog utilize the Log4j library, we are beholden to the vendor to release a software update to mitigate the vulnerability. When vendors release new versions, we will update our catalog accordingly.
What is the turnaround time for a third-party software update to be added to the catalog? https://patchmypc.com/frequently-asked-questions#update-turnaround-time
Due to the severity of this issue, we will continue to monitor and release new versions into our catalog as soon as vendors make them available.