Here is part of the advice we shared with our POS software customers yesterday about the Log4j exposure:
The Australian Cyber Security centre has published comprehensive information and advice about about the Log4j zero-day flaw. We recommend you read this.
ZDNet has also published a good explainer.
Our Retailer POS software is free from this exploit as we make no use of Java whatsoever. On your network, however, you may be at risk. Some routers, for example, use the problematic code. We are checking all our internal systems and hardware that could be exposed. Our hosting partners are doing the same.
Here’s what you need to do: Run every security update you are told to run, and do this for the next few weeks. If you can, check for security updates for your routers and other devices attached to your network.