Over the last few days, third parties and the media publicly reported on malware now referred to as SUPERNOVA. Based on our investigation, this malware could be deployed by exploiting a vulnerability in the Orion Platform. Like other software companies, we seek to disclose vulnerabilities in our products to our customers responsibly, and we mitigate the risk that bad actors exploit those vulnerabilities by releasing updates to our products before we disclose them.
We provided two hotfix updates on December 14 and 15, 2020 that contained security enhancements, including those designed to prevent certain versions of our Orion Platform products from being exploited in a SUPERNOVA attack. Today, we released similar updates for all other supported versions of our Orion Platform products and a fix for customers on unsupported versions of these products. Now that these updates are available, we are providing the information that Orion Platform customers need to mitigate this issue.
WHAT SHOULD CUSTOMERS DO?
If you have already upgraded to Orion Platform versions 2019.4 HF 6 or 2020.2.1 HF 2, you are protected against a potential SUPERNOVA attack exploiting this vulnerability.
We recommend that all active maintenance customers of Orion Platform products, except those already on Orion Platform versions 2019.4 HF 6 or 2020.2.1 HF 2, apply the latest updates for the version of the product they have deployed as soon as possible. Please visit the Security Advisory page at solarwinds.com/securityadvisory for instructions and access to these updates.
These updates include versions:
- 2019.4 HF 6 (released on December 14, 2020)
- 2020.2.1 HF 2 (released on December 15, 2020)
- 2019.2 Security Patch (released on December 23, 2020)
- 2018.4 Security Patch (released on December 23, 2020)
- 2018.2 Security Patch (released on December 23, 2020)
If you’re unable to upgrade at this time, aren’t on active maintenance, or if you’re running a version prior to 2018.2, we have provided a script that you can quickly install to help protect your environment. The script is available on our Security Advisory page at solarwinds.com/securityadvisory.
Our focus has been on helping our customers protect the security of their environments. Our commitment to our customers remains high, and we are introducing a new program designed to address the issues that our customers face.
Complimentary Professional Services Program. We have developed a program to provide professional consulting resources experienced with the Orion Platform and products to assist customers who need guidance on, or support with, upgrading to the latest hotfix updates. These consulting services will be provided at no charge to our active maintenance Orion Platform product customers. We want to make sure that customers working to secure their environments have the help and assistance they need from knowledgeable resources.
We intend to provide more information and details regarding this program next week on the Security Advisory page at solarwinds.com/securityadvisory.
We continue to work with leading security experts in our investigations to help further secure our products and internal systems.