It's always cool when things work exactly like they're supposed to. Let me give you an example...

On Friday, May 21st, a fellow member of the technical community and social media advocate found a vulnerability with the SolarWinds TFTP Server. That dude, @nullthreat on Twitter, is one sharp cookie. He tweeted about it and the team here saw the message via the twitter stream and jumped into action. At first, we thought that it was the same exploit that we'd patched a few months back so we asked him to test against the latest versions.

Sure enough, the latest versions had the same problem - this was a brand new issue. So the R&D team here went back to work. Within about 48 hours of validating it was a new issue we had a patch written, tested, and made it available for download.

There are several things that worked particularly well in this scenario. First of all, @nullthreat, aka Elliott Cutright and author of the well read blog on hacking and security "nullthreat.net", found the issue and communicated about it via social media - Twitter and his blog. You might be surprised that I'm happy that someone hacked one of our applications and posted the vulnerability out on Twitter - don't be. This is exactly what security experts are supposed to do (and what they love to do) and it causes companies like us to have to take immediate action - which is good for everyone.

Secondly, I have to say that I was impressed with the way that our PM and R&D teams handled this. They saw it, pounced on it, and fixed it right away.

The third thing that was really cool about this is that it all happened while I'm in Europe meeting with customers, partners, the press, and some of our R&D team. I had no part in any of it other than to sit back, watch it happen, and smile.

It's pretty cool when you see the technical community working together, leveraging social networking tools, and challenging each other to be better all for the betterment of Geek-kind.

If you're using the TFTP Server and want to protect against this threat, be sure to download the latest version from SolarWinds.Com and grab the latest hotfixes as well.


Flame on...
Josh
Follow me on Twitter