Could someone provide us with a timetable for the availability of HF2 today so we can stop hitting Refresh every few seconds? My systems are all down until I install the Hot Fix, and I think others are in the same boat. Thanks!
The SolarWinds Security Advisory has been updated. This also includes a link to a FAQ. These documents will continue to be updated as we obtain additional information.
Did you run into issues w/ HF1?
The HF1 installation went smoothly, but our Security department decided that it did not address enough, so we are waiting until HF2 to bring the systems back online.
Also waiting for HF2 until security will let us turn our servers back on.
no sign we have any problem here, but since others might have a problem is good enough for our management team to pull the plug, It's like going back to the good old days where a user calls and you have to ask them what they think is wrong, and they reply everyone is experiencing slowness and they can't work. **bleep** I missing NTA a lot right now.
Just got off a call with Tech Support. HF2 pushed to tomorrow. @1100hrs MST
This is the biggest thing for me. I recognize Solarwinds is A) developing the hotfix, verifying the hotfix, C) dealing with angry customers, D) dealing with government entities, E) trying to write SEC filings, F) trying to make sure their legal things are covered, and G) who knows what else... but a timeframe would be extremely useful. As I've said elsewhere, I want to do everything I can to build trust in the product with our security office and upper management... and communication helps quite a bit with that.
If I had to guess I am going to say its not going to drop until Thursday 12/17/2020
with the lack of info and hotfix and government agencies saying to take off the network and rebuild only when HF2 is out its really making us second guess are monitoring platform and i have been a long time support of this product,
We are reinstalling from scratch on new servers whenever the updated versions drop.
The backdoor was installed on our current systems so we can't trust the servers and just installing a patch isn't deemed enough. We are scouring the network now for additional IOCs or lateral spread.
Same here, support has been going downhill, the product has constant issues that aren't fixed... I think management might have lost confidence in them as a vendor. We may never be going back, having to plan for both outcomes now.
Question...we're looking at doing the same thing. Is it possible to do a fresh installation using your existing database?
this is the route we are leaning with. deploy new and leave the old ones off. Are you doing anything in particular with the DB server? thx
I hope so..I think all your settings/menus/alerting and all that is in the db so bringing up a new poller/app server should be a straightforward process. My concern is how to remove the old instances but i am sure that should be fairly easy.
If you consider the SW server untrustworthy & are going to rebuild it as a result, unless you've been very careful with the permissions you've assigned it then you probably need to consider most of your environment untrustworthy & rebuild it too. I don't think you're necessarily accomplishing anything meaningful by doing a rebuild of just the server it's running on.
SolarWinds Security Advisory page is the official destination for the latest updates and still states the following:
An additional hotfix release, 2020.2.1 HF 2 is anticipated to be made available Tuesday, December 15, 2020. We recommend that all customers update to release 2020.2.1 HF 2 once it is available, as the 2020.2.1 HF 2 release both replaces the compromised component and provides several additional security enhancements.
For half of the world is already 16 December so how about you update the advisory?
Same here. Feel dead in the water with half our monitoring down and no change in the advisory page.
Agreed, a lot of people are wasting time trying to understand a timetable for the updated HF2. It's not much to ask for communication.
It's in the customer portal:
Downloaded in 1 minute to laptop but since is 1.3Gb its going to take some time to get it to the main server.
Advisory is still not updated and no email received with info about HF2 availability.
@fakeusername HF2 is now available.The install has the same name, but todays date; I'm updating my servers now.
You are brave to do it before they update the advisory.
Let us know how it goes.
good luck
@bogdan.stan Will do.
Poking them about it.
Installed without issue on my server. Seeing similar reports from others on the Slack channel.
The sad thing is that using the Web GUI, My Deployments, Updates & Evaluations, shows that there are no updates/hotfixes.
I'm at 90% (configuring Orion) with HF2 now, then the APE to deal with.
what version of SolarWinds are you upgrading from?
I'm downloading it now. So glad for company internet.
Primary poller had an error at the end, and didn't get to the normal web optimization etc.Ran the update again, and showed it updated specific modules.Site was unreachable, completed reboot of primary and site is operational, and looks normal.moving on to APE.Update: APE updated, failed on virtualization manager when running the update on the server. Started the update again via Web (Updates & Evaluations) and it completed without issue.Good luck to the rest of you.
@elkinst - Thanks for letting me know about the download. I am installing now. I am getting a lot of Trojan alerts from SCCM.
Malware Name: Trojan:MSIL/Solorigate.G!dha
I am having some of the same issues you had, so I appreciate the tips.
Any luck installing it? I just double-clicked the file and have been waiting for 45 minutes for some kind of installer or something to show up.
Hi @elkinst
How much time it took to apply the hotfix?
Thanks
We need an update to https://www.solarwinds.com/product-checksum with the correct checksum for the hotfix installer.
Would we have to HF1 and then HF2, or does HF2 included what was fixed with HF1?
We have switched off all our Solarwinds Servers pending an investigation. Managed to install hotfix 2 on them before the order to switch them off.
Is anyone else having issues installing HF2. I've tried to download and install 3 times and it states All Products are up to date.
Thanks,
I've successfully installed the HotFix. I've also blocked Solarwinds from going to the internet.
Periodic 10-minute samples of firewall logs show the server attempting to reach a random group of about a dozen US based ip addresses. Firewall is blocking.
If anybody could shed some light on that, I'd appreciate.
I'm shutting the servers back down for now.
I suppose the Windows OS may be responsible for some of that chatter...
But I guess I'd like to hear about what other people are noticing..
We are experiencing the same results.
Tread lightly!!
I applied HF1 Monday and all was AOK. I went to apply 2020.2.1 HF 2 this morning on our primary polling engine and it FAILED. We're dead in the water here. I opened a case but don't expect a quick solution. I've been on hold listening to the same music for over an hour.
ERROR:
Configuring database components for plugins FAILED
Database configuration failed:
SWITCH
TO VIM_VirtualMachineDisksStatistics_CS_Hourly_hist PARTITION 25
WITH (WAIT_AT_LOW_PRIORITY (MAX_DURATION = 1 MINUTES, ABORT_AFTER_WAIT = BLOCKERS))
@dllock did you download and run the full offline installer?
I'm experiencing the same issue. I downloaded just the HF2 offline install but it won't install, it says that my products are up to date although the lists shows its running HF1.
we are getting the same error on the config wizard, I was able to start the services and it shows the version with the HF, but really need the config wizard to finish, be sure to update on here if support is able to fix it.
Yes I did. Actually tried it 3 times just to see if anything changed.
here is how we fixed it, reboot, run the config wizard three times, first two times got errors, last time config wizard finished and they system is back up.
This is imperative these hash values are updated, why has this not been completed after a major breach and trust of the downloads itself?!
copy, thanks!
I just rebooted and running the configuration wizard now. I'll be in touch...
@dllock , @ecotto123 , @driegel @tkercher - try restarting the SolarWinds Administration Service to see if it updates the catalog.
Restarting the service did not work. I even restarted the server. Still no go.
I just ran the config wizard on my primary poller and no errors and the web console is up and running! Moving on to my other pollers.
@dllock and @driegel and @ecotto123 - can you confirm you went here and obtained this file:
Please let me know what you see after that. You should not have to perform a step upgrade. However if you pulled from here:
This ONLY contains the HF 2 or HF6.
@justinmead HotFixes are typically cumulative.
