By Ryan Naraine on December 27, 2021
The Apache Software Foundation has released a new version of its flagship web server to patch a pair of security defects, one serious enough to lead to remote code execution attacks.
The Apache HTTP Server 2.4.52 is listed as urgent and the U.S. government’s security response agency CISA is calling on users of the open-source cross-platform web server software to “update as soon as possible.”
The patch provides cover for two documented security vulnerabilities -- CVE-2021-44790 and CVE-2021-44224 -- one of which may allow a remote attacker to take control of an affected system.
