In Dec 2021, a remote code execution vulnerability in Apache Log4j2 was disclosed  (CVE-2021-44228). It affects versions 2.0-beta9 to 2.14.1. Exploiting this vulnerability allows attackers to remotely execute arbitrary code on the compromised system. 

As with many applications and internet services, Log4j is also embedded within some Object Matrix products. However, we are happy to report that Object Matrix does not use any of the Log4j versions affected by this CVE in any of our products and services. As a result, none of our products or services are impacted by this exploit and no action or patch is needed. 

If you have any questions or concerns, please do not hesitate to contact us.