Hi guys,
We've recently moved to a different AV provider and it's thrown up a couple worrying issues with our Orion server - in that initially we thought we'd missed that Orion was still vulnerable to Sunburst, 2 years on from doing the mitigating actions of updating to HF2.
Anyway, after a bit more digging, we realised it wasn't reporting an active vulnerability, but that one of the archived installers on the Orion server is flagged as being compromised. We will need to remove this file and ideally we'd clean up the contents of the c:\programdata\solarwinds\installers\ folder, but I've read elsewhere on this forum that it's not advisable to delete the contents of that folder. Is that still true? What can we do to ensure further updates/upgrades run smoothly while also removing the compromised packages in that folder?
Thanks!
Gareth
