Mojang’s developers recently discovered a significant Log4j exploit in Minecraft: Java Edition put users at increased risk of their computer being compromised from external sources. This has since been fixed, but users need to take one of several steps to ensure that their version of the game and computer are safe.
Especially when using the official Minecraft: Java Edition Launcher you will need to close all instances of the game that are running on your computer and restart the launcher. This should result in your client automatically downloading the new patch.
However, this method only works with the official launcher. Third-party launchers or modified clients may not be able to update automatically, and unless those platforms actively notice that they have processed the update extensively, Mojang warns fans that they “should assume the vulnerability is not fixed and you are at risk by playing. “
Mojang has also listed specific steps to update your client if you are hosting your own Minecraft: Java Edition Server based on the version of the game you are using to watch on the official one Minecraft website– together with other supporting documents. Note that versions below 1.7 are not affected by this problem.
Now that this issue has been isolated and fixed, Mojang will continue to update users if other large exploits are discovered that require immediate updates to be kept safe.