Doing so allows you to the get the full benefit of our updates, improvements, and enhancements. We strongly encourage customers to upgrade their Orion products to the latest versions available in the Customer Portal at that are designed to protect you from SUNBURST and SUPERNOVA. Please visit our SolarWinds New Digital Code-Signing Certificate page at /trust-center/new-digital-certificate for more information. provided a fix for customers on unsupported versions further described below.Īs part of our response to the SUNBURST vulnerability, the code-signing certificate used by SolarWinds to sign the affected software versions was revoked March 8, 2021.provided software updates, which include security enhancements, that are designed to address both SUNBURST and SUPERNOVA in supported versions of the Orion server and.removed the software builds known to be affected by SUNBURST from our download sites.If you have recently upgraded to 2020.2.1 HF2 or 2019.4 HF 6, you are also protected from SUNBURST and SUPERNOVA. However, as part of our response to the SUNBURST vulnerability, the code-signing certificate used by SolarWinds to sign the affected software versions was revoked March 8, 2021, and you may experience performance issues if you do not apply the more recent updates. For more information, review the Release Notes here, and KB article here. We recommend you upgrade to the latest available release (2020.2.5) as soon as is practical. Orion Platform version 2020.2.5 adds to these enhancements with additional security fixes and protections. Orion Platform versions 2019.4.2.4 were designed to protect you from both SUNBURST and SUPERNOVA-and have also been digitally re-signed with our newly obtained digital code-signing certificates. Where can I see a complete list of Orion Suite for Federal Government versions,.Why were 33,000 customers mentioned in connection with the SUNBURST.How many customers are potentially affected by SUNBURST vulnerability?.With these processes in place how was your code compromised to insert the SUNBURST.Why didn’t SolarWinds catch the SUNBURST vulnerability before it.What products are NOT affected by the SUNBURST vulnerability?.What products are affected by the SUNBURST vulnerability?.Horizontally in my environment and compromise another system? How do I know someone didn't exploit the SUNBURST vulnerability and move.What indicators of compromise (IOCs) of the SUNBURST vulnerability have you.I want to manually check my version of the .dllįor the SUNBURST vulnerability.Should I simply upgrade or should I rebuild my Orion server? What about my database? If my Orion server currently or previously had a SUNBURST vulnerable version,.What should I do if I believe my environment has been compromised by the SUNBURST.How extensive is the impact of SUNBURST?.One of the SUPERNOVA security fixes to my Orion server(s)? How can I confirm if I’ve applied either the SUPERNOVA mitigation script or.What indicators of compromise (IOCs) of the SUPERNOVA malware have you.Is SUPERNOVA another supply chain attack?.What about the issue disclosed by Sophos?.What about the vulnerabilities disclosed by Trustwave?.Why can’t you tell us more about what’s going on?.I still have more questions about this issue and my environment’s.Updates/trust your code? OR What are you doing to prevent future incidents moving forward? If your environment was compromised, why is it safe for us to install these.Where can I see a complete list of all Orion Platform versions, their status, and.I have downloaded a file from my Customer Portal and want to verify it is.What if I can’t upgrade right now? How do I ensure the security of my Orion.What is SolarWinds doing to help find a solution?.Why does CISA recommend users split out the web server from the Orion Application.Has the Department of Homeland Security issued an Emergency Directive on this. Do these alerts mean that I am still at risk?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |