The new vulnerability affects the widely used library Log4j which was created by Apache, the most widely used web server. The Log4j vulnerability allows remote code execution by simply typing a specific string into a textbox. It was first discovered by Minecraft players but soon it was realized that this vulnerability wasn’t just a Minecraft exploit, but works on every program using the Log4j library.
Microsoft said Saturday that Log4j vulnerability, will not only affect machines that mine cryptocurrencies but can cause more serious problems such as credential and data theft.
The tech giant said that its threat intelligence teams have been tracking attempts to exploit the remote code execution (RCE) vulnerability that was revealed late on Thursday.
In its post, Microsoft said that “at the time of publication, the vast majority of observed activity has been scanning, but exploitation and post-exploitation activities have also been observed.”
From Robinson Distribution we can confirm, our Hardware products, Spam, Firewall and Backup solutions are not affected by the security flaw, to see if any of your systems are affected check this page