Mitigating CVE-2021-44228 in Minecraft

If you are using Minecraft 1.18 or older we recommend following this guide to install a patch to mitigate against any Remote Code Execution (RCE) vulnerabilities due to CVE-2021-44228 in log4j.

If you would like to read more about the patch you can read our blog at

If you are using the FTBApp or hosting a server through CreeperHost you do not need to follow this guide as the issue has already been patched.

How to install the patch on CurseForge

First go to and download the Log4jPatcher.jar.

Once its downloaded open up the root of your Minecraft installation (this can be the .minecraft folder or an instance folder of the launcher you are using).

To open the instance folder on CurseForge click on the image of the instance then click on the 3 vertical dots and select Open Folder