On 9th December the National Cyber Security Centre (NCSC) became aware of a critical vulnerability in the Log4j software library. The vulnerability (CVE-2021-44228) allows for remote code execution on exploited systems.
DLUHC is seeking to build a picture of how local government is managing and mitigating this vulnerability and assess what support may be needed.
Questions are based on the NCSC guidance for this vulnerability. The NCSC guidance is being regularly updated and should be frequently checked for the latest information.
We expect the survey to take 5 to 10 minutes to complete and responses should be submitted by 22 December.