The log4j exploit could have been prevented simply by not having these useless, unsecure systems in place in the first place, the entire job of the Minecraft logger is to simply write text to a file, why does it need to connect to servers and run arbitrary downloaded code???
My suggestion is that Mojang should use a more secure library that is simple and only does what Minecraft needs, preventing issues like this from happening in the future.
Thank you for your report!
However, this issue is Invalid.
You have posted a feature request or a suggestion. This site is for bug reports only.
For suggestions, please visit Minecraft Suggestions on Reddit or visit the Feedback website.
Quick Links:
📓 Bug Tracker Guidelines – 💬 Community Support – 📧 Mojang Support
📓 Project Summary – ✍️ Feedback and Suggestions – 📖 Game Wiki