Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.
Article Link: How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy - Nextgov