While a patch is available from the Apache Software Foundation, researchers say that numerous companies may need to wait until vendors push security updates out to their own products.
The latest research out of Kenna Security and Cyentia Institute compared how quickly defenders could remediate vulnerabilities and how quickly attackers could exploit the vulnerability in the wild.