CMA is working closely with all of our vendors and security providers to monitor the evolving situation around the Apache Log4j vulnerability.  We will be proactively applying updates to our infrastructure and that of our managed services customers as they become available.  For our customers who manage their own IT infrastructure, we recommend reviewing this resource guide published by CISA with information related to the Log4j vulnerability and remediation guidance.

https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance