Hopefully when we come back the Log4J vulnerability will be gone from our news feed. Based on recent reports it seems unlikely as the existing workarounds don't work. You must update the Log4J jar to the latest version to get protection.
In the meantime, here are some tips from Tom on mitigation:
<blockquote>Checking if you're vulnerable to <a href="https://twitter.com/hashtag/log4j?src=hash&amp;ref_src=twsrc%5Etfw">#log4j</a> <a href="https://twitter.com/hashtag/Log4Shell?src=hash&amp;ref_src=twsrc%5Etfw">#Log4Shell</a> by exploring the value of formatMsgNoLookups LIVE using Lightrun - a 🧵 : <a href="https://t.co/Yol7mW77M5">pic.twitter.com/Yol7mW77M5</a>— Tom Granot (<a href="https://hashnode.com/@TomGranot" class="user-mention" target="_blank" rel="noopener">@TomGranot</a>) <a href="https://twitter.com/TomGranot/status/1469704635715706885?ref_src=twsrc%5Etfw">December 11, 2021</a></blockquote> 
<h2 id="heading-not-exactly-a-vacation">Not Exactly a Vacation</h2>
So technically I don't celebrate Christmas. But because so many of our readers are on vacation I decided to align my vacation time too. I'll use that time away to do some open source hacking and work on an interesting side project. 
If you'd like to keep up with this please follow <a target="_blank" href="https://twitter.com/debugagent/">@debugagent</a> on twitter. I'll post updates there although I might not be up to my usual posting cadence during this time.
I'll try to keep my channels open (I can't stand getting back to full inboxes) but I might not be responsive. If you write to me please ping me again in January.
Merry Christmas,
Happy Holidays
and happy new year to all.

Hopefully when we come back the Log4J vulnerability will be gone from our news feed. Based on recent reports it seems unlikely as the existing workarounds don't work. You must update the Log4J jar to the latest version to get protection.

In the meantime, here are some tips from Tom on mitigation:

<blockquote class="twitter-tweet">Checking if you&#39;re vulnerable to <a href="https://twitter.com/hashtag/log4j?src=hash&amp;ref_src=twsrc%5Etfw">#log4j</a> <a href="https://twitter.com/hashtag/Log4Shell?src=hash&amp;ref_src=twsrc%5Etfw">#Log4Shell</a> by exploring the value of formatMsgNoLookups LIVE using Lightrun - a 🧵 : <a href="https://t.co/Yol7mW77M5">pic.twitter.com/Yol7mW77M5</a>&mdash; Tom Granot (@TomGranot) <a href="https://twitter.com/TomGranot/status/1469704635715706885?ref_src=twsrc%5Etfw">December 11, 2021</a></blockquote> <script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script> 

## Not Exactly a Vacation
So technically I don't celebrate Christmas. But because so many of our readers are on vacation I decided to align my vacation time too. I'll use that time away to do some open source hacking and work on an interesting side project. 

If you'd like to keep up with this please follow [@debugagent](https://twitter.com/debugagent/) on twitter. I'll post updates there although I might not be up to my usual posting cadence during this time.

I'll try to keep my channels open (I can't stand getting back to full inboxes) but I might not be responsive. If you write to me please ping me again in January.

Merry Christmas,
Happy Holidays
and happy new year to all.

We'll be back in the first week of 2022 with new and exciting content

Merry Christmas and Happy New Year - the blog is on Vacation

Developer Advocate at Lightrun. Co-Founder of Codename One. Java Rockstar, Speaker, Author, Blogger and open source hacker. 
In this blog I cover debugging in-depth and production related issues


Debugging secrets - learn how to dig deep into your apps. The hidden techniques, tricks and tools for debugging, APM and more. With a big focus on production tracing and developer oriented APM tools.