Skip to main content

Is Docklight affected by the log4j vulnerability CVE-2021-44228 ?

The short and straightforward answer is: no. 

Docklight is not affected. It is not built with with Java. What we use is a combination of  C libraries with direct Win32 API calls and "classic" Visual Basic 6. Or Qt / Qt5 libraries for "Docklight Pro Monitor". 

You can find the full information at our related log4j vulnerability  FAQ .

Some additional comments from my side: 

Shoutout to the initiative from Korean company logpresso and their CVE-2021-44228-Scanner (log4j-scan on GitHub). It's a great helper for checking your Windows PCs - it comes as a codesigned executable, it is constantly fine-tuned and improved, and the source code is easy to review. I could also confirm that the scanner actually detects vulnerabilities, because my son's an ardent player of Minecraft Java Edition. And, yes, log4j-scan detected and fixed vulnerabilities there. I highly recommend this tool for a dedicated PC scan!

Best regards and wishing you a merry and exploit-free holiday season,

Oliver Heggelbacher

- From the Docklight Developers -