Because a patch is out. zero-day vulnerability is *a vulnerability in a system or device that has been disclosed but is not yet patched*. An exploit that attacks a zero-day vulnerability is called a zero-day exploit. ... Vulnerable systems are exposed until a patch is issued by the vendor.
>From Google -> https://www.trendmicro.com/vinfo/us/security/definition/zero-day-vulnerability . Zero-day is a flaw in software, hardware or firmware that is unknown to the party or parties responsible for patching or otherwise fixing the flaw. ... Once a zero-day vulnerability has been made public, it is known as an n-day or one-day vulnerability - https://www.techtarget.com/searchsecurity/definition/zero-day-vulnerability On Sun, 19 Dec, 2021, 20:50 Gary Gregory, <garydgreg...@gmail.com> wrote: > Why do you think it is not a 0-day? > > Gary > > On Thu, Dec 16, 2021 at 3:02 PM Christopher Schultz > <ch...@christopherschultz.net> wrote: > > > > To whom it may concern, > > > > Off-topic top-post: please stop repeating the incorrect claim that this > > was a zero-day vulnerability. That term means something specific, and it > > does not apply in this case. > > > > -chris > > > > On 12/16/21 11:51, Turritopsis Dohrnii Teo En Ming wrote: > > > Subject: How do I determine which hardware device and software has > > > log4j zero-day security vulnerability? > > > > > > Good day from Singapore, > > > > > > I am working for a Systems Integrator (SI) in Singapore. We have > > > several clients writing in, requesting us to identify log4j zero-day > > > security vulnerability in their corporate infrastructure. > > > > > > It seems to be pretty difficult to determine which hardware device and > > > which software has the vulnerability. There seems to be no lists of > > > hardware devices and software affected by the flaw any where on the > > > internet. > > > > > > Could you refer me to definitive documentation/guides on how to > > > identify log4j security flaw in hardware devices and software? > > > > > > Thank you very much for your kind assistance. > > > > > > Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 16 Dec 2021, > > > is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant > > > with a Systems Integrator (SI)/computer firm in Singapore. He is an IT > > > enthusiast. > > > > > > > > > > > > > > > > > > > > > -----BEGIN EMAIL SIGNATURE----- > > > > > > The Gospel for all Targeted Individuals (TIs): > > > > > > [The New York Times] Microwave Weapons Are Prime Suspect in Ills of > > > U.S. Embassy Workers > > > > > > Link: > > > > https://www.nytimes.com/2018/09/01/science/sonic-attack-cuba-microwave.html > > > > > > > ******************************************************************************************** > > > > > > Singaporean Targeted Individual Mr. Turritopsis Dohrnii Teo En Ming's > > > Academic Qualifications as at 14 Feb 2019 and refugee seeking attempts > > > at the United Nations Refugee Agency Bangkok (21 Mar 2017), in Taiwan > > > (5 Aug 2019) and Australia (25 Dec 2019 to 9 Jan 2020): > > > > > > [1] https://tdtemcerts.wordpress.com/ > > > > > > [2] https://tdtemcerts.blogspot.sg/ > > > > > > [3] https://www.scribd.com/user/270125049/Teo-En-Ming > > > > > > -----END EMAIL SIGNATURE----- > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: log4j-user-unsubscr...@logging.apache.org > > > For additional commands, e-mail: log4j-user-h...@logging.apache.org > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: log4j-user-unsubscr...@logging.apache.org > > For additional commands, e-mail: log4j-user-h...@logging.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: log4j-user-unsubscr...@logging.apache.org > For additional commands, e-mail: log4j-user-h...@logging.apache.org > >
