Zero-day-exploit in log4j2 which is part of elasticsearch

Can I download the latest jars of Log4j and palace it under below folders and start Elasticsearch?
Because when I did this getting error and Elasticsearch is not starting.
usr/share/Elasticsearch/lib/log4j-api-2.11.1.jar
/usr/share/Elasticsearch/modules/repository-url/log4j-1.2-api-2.11.1.jar
/usr/share/Elasticsearch/modules/x-pack-core/log4j-1.2-api-2.11.1.jar
/usr/share/Elasticsearch/modules/x-pack-identity-provider/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/x-pack-security/log4j-slf4j-impl-2.11.1.jar
/usr/share/Elasticsearch/modules/vector-tile/log4j-slf4j-impl-2.11.1.jar