The Apache Log4j component is not being used for the SecureLogin application. It is being used for our logging server, and was patched last Friday (10-12) immediately by our hosting provider.