The widespread usage of Log4j is adding complexity to organizations attempting to apply patches.
While a patch is available from the Apache Software Foundation, researchers say that numerous companies may need to wait until vendors push security updates out to their own products.