Skip to main content

Posts

Showing posts from December, 2021

Is Docklight affected by the log4j vulnerability CVE-2021-44228 ?

The short and straightforward answer is: no.  Docklight is not affected. It is not built with with Java. What we use is a combination of  C libraries with direct Win32 API calls and "classic" Visual Basic 6. Or Qt / Qt5 libraries for "Docklight Pro Monitor".  You can find the full information at our related  log4j vulnerability  FAQ  . Some additional comments from my side:  Shoutout to the initiative from Korean company logpresso and their CVE-2021-44228-Scanner (log4j-scan on GitHub) . It's a great helper for checking your Windows PCs - it comes as a codesigned executable, it is constantly fine-tuned and improved, and the source code is easy to review. I could also confirm that the scanner actually detects vulnerabilities, because my son's an ardent player of Minecraft Java Edition. And, yes, log4j-scan detected and fixed vulnerabilities there. I highly recommend this tool for a dedicated PC scan! Best regards and wishing you a merry and exploit-free holi