Recommendations from the CSRB to improve software security concerning the Log4j vulnerability, with a focus on private enterprises.