locked Re: NVAccess Confirms: NVDA is NOT vulnerable to Log4j
This topic will be locked after this post, but it does deserve a bump, as we've just received another question about NVDA and Logj4.
NVAccess has explicitly confirmed that NVDA is not vulnerable to Logj4, and that notice is posted here: https://www.nvaccess.org/corporate-government/
The notice, near the top of the page, and in italics, reads: Note: We have had several questions regarding the Apache Log4j2 vulnerability, which is in the news currently. We can confirm that neither NVDA itself, nor the surrounding NV Access architecture (our website, servers, etc) are vulnerable or affected by this issue.
This is the definitive statement on NVDA and the fact that it is not vulnerable to Logj4.--
Brian - Windows 10, 64-Bit, Version 21H2, Build 19044
The real art of conversation is not only to say the right thing in the right place but to leave unsaid the wrong thing at the tempting moment.
~ Dorothy Nevill