Hi @Sawant, Pritesh
Microsoft has published information on this issue, which you can refer to this document: https://msrc.microsoft.com/blog/2021/12/microsofts-response-to-cve-2021-44228-apache-log4j2/
But updating Log4j is not directly related to Microsoft, but to Apache, and you can get more information from the Apache site: https://logging.apache.org/log4j/2.x/
For more details, you can refer to this link: https://video2.skills-academy.com/en-us/answers/questions/707615/updating-apache-log4j-on-sql-2019-installations.
Best regards,
Aniya