Conclusion: Full patching of Log4j up to version 2.17.1 or later… time unknown. "Once you become a victim of cyber-crime you never stop asking yourself, did we really eradicate all of the threats that the hackers planted in the Company, and the topic of cyber-risk becomes a regular discussion point at BoD meetings."