Many VMware products use the LOG4J software components which were recently disclosed to have a critical security vulnerability (CVE-2021-44228).    This is a serious issue which requires immediate action.

VMware has published a security advisory (VMSA-2021-0028) which details VMware products known to be affected, as well as steps to remediate the issues.      This is an on-going situation and updates to this document are expected.  Please check back often to ensure you have the latest information.

VMware has also published an FAQ to address any questions.