New Relic has released updates to address a critical vulnerability in the open-source Apache Log4j framework, which can be exploited to allow malicious actors to control systems remotely or exfiltrate data. The recommended remediation is to upgrade Apache Log4j to version 2.16.0 or higher as soon as possible. New Relic has released product updates to address vulnerabilities in the Apache Log4j framework and provides guidance on how to identify and protect against this issue, including an open-source script to help detect potentially vulnerable services and a feature to identify if agents or applications are at risk due to the inclusion of a vulnerable version of log4j. New Relic's Security Response process was initiated shortly after the vulnerability was announced, and the company is working with partners and subprocessors to ensure comprehensive remediation across its internal infrastructure.