Is there an easy way to delete the 'log4j hotfix' tool that gets installed as a dependency of Corretto?

We recently switched to using Corretto Java 11 and I noticed that something called log4j-cve-2021-44228-hotpatch gets installed as a dependency. This package executes a script that appears to be modifying the Java runtime to install an agent that will somehow patch vulnerable versions of log4j. Looking at journalctl, I see this script runs every 30 minutes.

We don't use log4j and we don't have it installed on our EC2 instances. We have over 100 EC2 instances. Is there an easy way to permanently remove this tool or do we have to switch to the OpenJDK Java release?

Topics

Developer Tools Compute

Relevant content

Amazon corretto 11 commercial use
Paul
asked a year ago
Corretto 11 and javah
AussieV123
asked 4 years ago
Corretto 11 with Tomcat 8.5 AL2 version 4.2.9 Updates for latest log4j hotpatch 1.1-12
AWS-User-4675651
asked 2 years ago
Compatability Enhancement of Corretto Java Floating Point.
Z1234
asked 2 years ago
How do I use AWS SAM to build a Lambda-backed custom resource in Java for CloudFormation?
AWS OFFICIALUpdated a year ago
How can I delete a subnet that is part of an Amazon RDS DB subnet group?
AWS OFFICIALUpdated a year ago
How do I resolve the errors that I get when I delete the Application Load Balancer?
AWS OFFICIALUpdated a month ago
How can I delete an Elastic Beanstalk environment that's out of sync with a deleted Amazon RDS database?
AWS OFFICIALUpdated 9 months ago
Why is a /24 the smallest IP range that can be used with BYOIP?
EXPERT
Brettski-AWS
published a year ago
Why do I get an error "The snapshot is currently in use by AMI" when I try to delete an EBS snapshot, even though there is no AMI on the account?
EXPERT
dnyanesh-db
published 4 months ago