Log4j (CVE-2021-44228) RCE Vulnerability Explained

You saying "just came out a few days ago" makes it sound like a fun new game just got released haha

mint

It's my first week working in cyber security environment professionally. Trying to get a grasp on my organization's infrastructure while trying to help with the log4j vuln has been a real trial by fire lol. Always enjoy your content!

djmagee

I love how you actually demonstrate the vulnerability and not just talk about it, like what most others are doing. Keep it up mate, you've got my Subscribe!

ltsmash

Clicking various links for 30 minutes, trying to understand the issue, and you explain it in less than 4. Thank you!

brianrdetweiler

With videos out there in 20+ mins and you here with less than 4 mins explaining it so clearly, I know which video to click from next time.

badashgr

Thanks Marcus. I appreciate your ability to explain a vulnerability like this and demo it in a really understandable way.

AlphaZeroOmega

The ${…} syntax is not part of Java - it’s solely a Log4j syntax. (If it were part of java there would have been no problem, as it would have been evaluated at compile-time, not run-time)

zaitarh

I had problem understand this from days and you explained it under 4 mins. You're amazing Marcus 👏❤️

romanxyz

First time understanding what this means. Thanks.

DavisTibbz

the variable thing in a string is called string interpolation my dude!

sniGGandBaShoR

Greetings from Indonesia, I really admire you, and you are great. I'm just a beginner who wants to learn like you from the bottom

FloresMenyapa

I work in IT and the last week or two has been absolutely mental thanks to this

Svalbaz

I can't believe that it is that simple. The first thing you learn is always to control the input that is given. That is why you wont just take the given SQL command and execute it. To think that log4j didn't sanitise their input ist just CRAZY. That's a one liner, my god...

tapion

"versatile" is the key word for this vulnerability.
thanks for explaining! :)

lofman

Always cool to see a Marcus video out on a new vuln!

kosmonautofficial

Very well explained. Good video Marcus!

Swing

This explanation is so cool! I’ve been hearing about the vulnerability but nobody took the time to explain it this way. Thank you! :)

andresromerodev

Thanks for such layman explanation, I was able to grasp it..

Burgundy_towel

Better than java brains log4j explanation, now i understand

manideepkumar

One of the best explanations with practical demo. Thank you ..

abhilpnYT