Microsoft Security yesterday updated its Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability. It's clear, sobering, and worth attention. In brief, Microsoft's researchers have been seeing ongoing exploitation across the full range of threat actors, from intelligence services down to low-level grifters using commodity tools. The vulnerabilities represent, in sum, "a complex and high-risk situation for companies across the globe."
That risk extends beyond applications that use vulnerable libraries to any services that themselves employ such applications. Redmond concludes, "Due to the many software and services that are impacted and given the pace of updates, this is expected to have a long tail for remediation, requiring ongoing, sustainable vigilance."
The good news, as the Washington Post sees it, is that both companies and government agencies seem to be taking the issue seriously, and have been more on top of things than they were, for example, in the earlier Shellshock and Heartbleed incidents. May the vigilance be as ongoing as possible.