On December 9, 2021, a new critical 0-day vulnerability impacting multiple versions of the popular Apache Log4j 2 logging library was publicly disclosed that, if exploited, could result in Remote Code Execution (RCE) by logging a certain string on affected installations.
Trend Micro Research is continuing to analyze this vulnerability and its exploits. A comprehensive blog with more background information can be found here.
Is my Trend Micro product affected?
We assure you that the latest versions of our home products are not affected:
- Trend Micro Security for Windows and Mac
- Home Network Security
- Mobile Security for Android and iOS
- ID Security
- Password Manager
- HouseCall
- Trend Micro VPN
How can I protect my apps and devices?
- Always keep your devices up-to-date and your applications patched with the latest version.
- Trend Micro Security can detect the exploit attempts from this vulnerability.