A security vulnerability has recently been discovered in the Apache log4j utility versions of the uAchieve Suite and uAchieve Server from 4.4 through 4.5.4.5. We rate this vulnerability as critical, meaning that ALL of your applications running in Java (not just those related to CollegeSource products) that are using the log4j utility should be updated as soon as possible.
Note that if you are in the CollegeSource cloud, the Services team has already applied the security patch for your uAchieve servers and will keep them up-to-date with any future security releases.
Full details, updated on an ongoing basis as needed, may be found on the related Support Center page.