A log4j Java security problem was discovered on December 9, 2021. This issue can impact a variety of programs and apps including Minecraft.
The staff at Minecraft's Mojang Studios and those at third-party servers like PaperMC and Forge have worked tirelessly to develop patches to address the issue. Players are advised to close all Minecraft instances and to update to the most recent patch as soon as possible. This issue does not affect online multiplayer or modded Minecraft. Anyone who plays vanilla Minecraft should not be concerned. Continue reading to learn everything we know about the security issue.
Although not much information has been made available about the knock-on consequences of the breach, it is known that it affects Minecraft modpacks and multiplayer servers. This means hackers could be able access other systems via the chat system within these multiplayer worlds.
This won't affect casual Minecraft players. Vanilla worlds (i.e., not modded) will be fine. This issue will not affect single-player worlds that are vanilla (i.e., not modded). To access the latest Minecraft version, restart the launcher.
If you are a server administrator, part of a multiplayer server or play in any mod Minecraft worlds, single or multiplayer, close any Minecraft instances you have open. You will be given further instructions. If you are playing on an older version Minecraft server, make sure to keep an eye out for Mojang updates and information from your provider.
This issue doesn't affect console gamers at all.
As long as you adhere to the instructions provided by Mojang, Forge and Paper, there is no reason to worry. Also, keep an eye on the updates for your server. Don't play multiplayer Minecraft while you wait.
Mojang's Slicedlime announced that a second Release Candidate was applied overnight to fix the issue. More recently, 1.18.1 was released which also includes the security fix. To ensure you have the latest Minecraft Launcher version, close it if it is open. Double-check that you only open worlds in the latest 1.18.1 version. Keep reading to learn how to do this.
This fix is only applicable to Minecraft 1.18 at the moment. It is recommended that you do not play on older versions or modded ones for the time being, unless the Mojang, mod team, or server team gives you permission (for older versions).
PaperMC and Forge regularly update their servers. You can check the Twitter accounts of aurora_smiles_ and voxcpw (Forge), if you use these servers to see which versions have been updated. They are still working on the fixes as of this writing.
It's better to play Minecraft servers in 1.18.1 for now to address the security problem. This doesn't apply to older Minecraft versions or worlds that use Minecraft mod packs.
Before you hit the Play button to load Minecraft into the launcher, make sure you check the bottom right corner of your screen. A dropdown box will appear that shows either "Latest Release" (or "Latest Snapshot") respectively. You should make sure that you are using the latest release: 1.18.1 as shown below.
This Minecraft security issue shouldn't stop you from exploring the amazing new views that Caves and Cliffs has brought to your world. There are many breathtaking views in 1.18.1 worlds. You can continue your survival and creative adventures as usual if you are concerned.