Solid Edge Log4J 1.2.16 security vulnerabilities in Solid Edge

Solid Edge 2022 when installed delivers version 1.12.16 of the Apache log4j .jar file.  Apache log4j versions 1.x have been highlighted as having various security vulnerabilities.  How are these log4j vulnerabilities addressed in Solid Edge?

The base Solid Edge 2022 software is installed with the Apache log4j 1.2.16 file:

After the various security vulnerabilities announced with log4j 1.x versions changes were then made to the software to use log4j 2.17.1 which was released with MP4:

However, because maintenance packs only add files and do not remove files, the 1.2.16 log4j file remains.  Starting with MP4 this 1.2.16 log4j file is no longer used with Solid Edge 2022 so should not be a concern.  However, if a customer is worried about this file, it can be safely removed manually once MP4 or later is installed.