In the frantic time since the flaw was publicly disclosed, researchers have concluded that the vulnerability had existed in Log4j since September 2013, apparently unknown to its vast universe of users. — Photo by Fotis Fotopoulos on Unsplash
At 2.51pm on Nov 24, members of an open-source software project received an alarming email. The contents threatened to undermine years of programming by a small group of volunteers and unleash massive cyberattacks across the globe.
“I want to report a security bug,” wrote Chen Zhaojun, an employee on Alibaba Group Holding Ltd’s cloud-security team, adding “the vulnerability has a major impact”.
Already a subscriber? Log in.
Limited time offer:
Just RM5 per month.
Cancel anytime. No ads. Auto-renewal. Unlimited access to the web and app. Personalised features. Members rewards.
Follow us on our official WhatsApp channel for breaking news alerts and key updates!
