Important communication regarding the detection of a security vulnerability
As of December 10, 2021, we have been notified of a vulnerability in the form of a flaw in Log4j – a Java-based logging utility. This flaw affects many services – including Minecraft Java Edition.
This vulnerability poses a potentially high risk to computers, and although this flaw has been fixed with all versions of the game (1.0 to 1.18.1), it is important to be aware that your security could be compromised if you do not use these official versions.
WHAT YOU NEED TO DO:
OFFICIAL GAME CLIENT
To join our servers, you will need to take the following steps: Close all running instances of the game and the Minecraft Launcher. Start the Launcher again – the patched version will download automatically.
MODIFIED CLIENTS AND THRID-PARTY LAUNCHERS
Modified clients and third-party launchers might not be automatically updated. Therefore, it is not possible to use a modified client for the moment. Optifine and Forge mods are among them. Only use a version that is officially declared as fixed.
At the moment, a patch has been deployed on all our servers. There is no risk if you follow the above instructions carefully.
Official communications from Minecraft.net: Important Message: Security vulnerability in Java Edition | Minecraft