Network monitoring services provider SolarWinds officially released a second hotfix to address a critical vulnerability in its Orion platform that was exploited to insert malware and breach public and private entities in a wide-ranging espionage campaign.
In a new update posted to its advisory page, the company urged its customers to update Orion Platform to version 2020.2.1 HF 2 immediately to secure their environments.
The malware, dubbed SUNBURST (aka Solorigate), affects Orion app versions 2019.4 through 2020.2.1, released between March 2020 and June 2020.
“Based on our investigation, we are not aware that this vulnerability affects other versions—including future versions—of Orion Platform products,” the company said.
“We have scanned the code of all our software products for markers similar to those used in the attack on our Orion Platform products identified above, and we have found no evidence that other versions of our Orion Platform products or our other products or agents contain those markers.”
It also reiterated none of its other free tools or agents, such as RMM and N-central, were impacted by the security shortcoming.
Microsoft Seizes Domain Used in…
http://feedproxy.google.com/~r/TheHackersNews/~3/osOXy9vI530/solarwinds-issues-second-hotfix-for_15.html