topic When can we expect update of log4j to latest version for SAS 9.4 M7 release in Administration and Deployment https://communities.sas.com/t5/Administration-and-Deployment/When-can-we-expect-update-of-log4j-to-latest-version-for-SAS-9-4/m-p/803371#M24053 <P>SAS has stated to check the note&nbsp;<A href="https://support.sas.com/kb/68/756.html" target="_blank" rel="noopener">https://support.sas.com/kb/68/756.html</A>&nbsp;for anticipated date of hotfix release which doesn't provide any information about the release date. We are currently on SAS 9.4 M7 release and we had followed instructions provided by SAS to patch the vulnerable version. Our security scan check for version of log4j and report as noncompliant. To prevent this, we would like log4j to be updated to latest version, does anyone aware of the when this hot fix will be made available?</P> Tue, 22 Mar 2022 15:38:59 GMT infomevijay 2022-03-22T15:38:59Z When can we expect update of log4j to latest version for SAS 9.4 M7 release https://communities.sas.com/t5/Administration-and-Deployment/When-can-we-expect-update-of-log4j-to-latest-version-for-SAS-9-4/m-p/803371#M24053 <P>SAS has stated to check the note&nbsp;<A href="https://support.sas.com/kb/68/756.html" target="_blank" rel="noopener">https://support.sas.com/kb/68/756.html</A>&nbsp;for anticipated date of hotfix release which doesn't provide any information about the release date. We are currently on SAS 9.4 M7 release and we had followed instructions provided by SAS to patch the vulnerable version. Our security scan check for version of log4j and report as noncompliant. To prevent this, we would like log4j to be updated to latest version, does anyone aware of the when this hot fix will be made available?</P> Tue, 22 Mar 2022 15:38:59 GMT https://communities.sas.com/t5/Administration-and-Deployment/When-can-we-expect-update-of-log4j-to-latest-version-for-SAS-9-4/m-p/803371#M24053 infomevijay 2022-03-22T15:38:59Z Re: When can we expect update of log4j to latest version for SAS 9.4 M7 release https://communities.sas.com/t5/Administration-and-Deployment/When-can-we-expect-update-of-log4j-to-latest-version-for-SAS-9-4/m-p/803440#M24054 <P>If you go to the <A href="https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html" target="_blank" rel="noopener">full LOG4J bulletin</A> you will see this:</P> <P>&nbsp;</P> <P><SPAN>At this time, SAS plans to deliver software that includes version 2.17.1+ of Log4j as follows:</SPAN></P> <UL class=" "> <LI>For SAS 9.4M7 -<SPAN>&nbsp;</SPAN><EM>additional updates</EM>&nbsp;<EM>planned for the end of March 2022&nbsp;(in the SAS Security Update and additional hot fixes)</EM></LI> </UL> Tue, 22 Mar 2022 19:17:10 GMT https://communities.sas.com/t5/Administration-and-Deployment/When-can-we-expect-update-of-log4j-to-latest-version-for-SAS-9-4/m-p/803440#M24054 SASKiwi 2022-03-22T19:17:10Z