[Tech-l] Update on SolarWinds Security Alert

Brian Hoehner hoehner at mveca.org
Tue Dec 15 07:48:27 EST 2020 

All,

See below.  If you have SolarWinds products you should be aware by now of their breach.  As you can see below we (MVECA) were not a victim.

If you have an Orion based product please disconnect it from your network until you can get it updated.  If you are unsure there is a link to the list of known infected products below.  The note below also lists software believed not to be infected.

Thanks,
Brian Hoehner
Director of Operations
Miami Valley Educational Computer Association (MVECA)
937-767-1468 x3119

[cid:image001.jpg at 01CE981F.38D95B60]



From: Kevin Thompson <noreply at solarwinds.com<mailto:noreply at solarwinds.com>>
Sent: Monday, December 14, 2020 7:27 PM
To: Timothy Grant <grant at mveca.org<mailto:grant at mveca.org>>
Subject: Update on SolarWinds Security Alert


View Online <https://itsm.solarwinds.com/index.php/email/emailWebview?mkt_tok=eyJpIjoiWXpNM1pEYzFZVGsxT0dVMCIsInQiOiJzMHJENjc0T3hhb05BTG96RWhiM0MyWEx3TWtRNUl6aXlsUXZoRUp1WFNLM1d6bXJDbGRsVEczZ0x2UWQwMGIyTHBTbHN3bi81V1ZXbmRQeTdhMDhxWmVmMFFMQTVPc1RGYVgvN2xNdUNsWVB0RW4xcmN6VSswakQyUzg2c3Q0RyJ9>



[SolarWinds | The Power to Manage IT]<http://itsm1.solarwinds.com/dc/xXwBeusar0b5kKp3iDd1qnC3Ue-jzcesazQGPjCX5Rk=/dv0Qi8d9JJ0S300JGy010E0>



Dear Customer,

You are receiving this email because you are a customer who owns SolarWinds products that we believe, based on our investigations to date, are NOT AFFECTED by the vulnerability in our Orion Platform products identified in our public statements and recent news reports.

We have been made aware of a cyberattack to our systems that inserted a vulnerability within our SolarWinds® Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix, and 2020.2 HF 1 only. We have been advised that this incident was likely the result of a highly sophisticated, targeted, and manual supply chain attack by an outside nation state, but we have not independently verified the identity of the attacker.

We have scanned the code of all of our software products for markers similar to those used in the attack on our Orion Platform products identified above, and we have found no evidence that other versions of our Orion Platform products or our other products contain those markers. As such, we are not aware that other versions of Orion Platform products have been impacted by this security vulnerability. Other non-Orion Platform products are also not known by us to be impacted by this security vulnerability.

If you aren’t sure which version of the Orion Platform products you are using, see directions on how to check that here<http://itsm1.solarwinds.com/M90S0J03EJG8v00zQ0iJ0e1>. To check which hotfix updates you have applied, please go here<http://itsm1.solarwinds.com/p0G00E08AS0J0f9JvQ0i3J1>.

Products believed to be NOT AFFECTED by this security vulnerability are:

8Man

Access Rights Manager (ARM)

AppOptics

Backup Document

Backup Profiler

Backup Profiler

Backup Server

Backup Workstation

CatTools

Dameware Mini Remote Control

Dameware Patch Manager

Dameware Remote Everywhere

Dameware Remote Manager

Database Performance Analyzer (DPA)

Database Performance Monitor (DPM)

DNSstuff

Engineer’s Toolset

Engineer's Web Toolset

FailOver Engine

Firewall Security Monitor

Identity Monitor

ipMonitor

Kiwi CatTools

Kiwi Syslog Server

LANSurveyor

Librato

Log & Event Manager (LEM)

Log & Event Manager Workstation Edition

Loggly

Mobile Admin

Network Topology Mapper (NTM)

Papertrail

Patch Manager

Pingdom

Pingdom Server Monitor

Security Event Manager (SEM)

Security Event Manager Workstation Edition

Server Configuration Monitor (SCM)

Server Profiler

Service Desk

Serv-U FTP Server

Serv-U Gateway

Serv-U MFT Server

Storage Manager

Storage Profiler

Threat Monitor

Virtualization Profiler

Web Help Desk

SQL Sentry

DB Sentry

V Sentry

Win Sentry

BI Sentry

SentryOne Document

SentryOne Test

Task Factory

DBA xPress (Free)

Plan Explorer (Fee)

APS Sentry (EOL)

DW Sentry (EOL)

SQL Sentry Essentials (EOL)

SentryOne Monitor (EOL)

BI xPress (EOL)


At this time, we are not aware of an impact to our SolarWinds MSP products, including RMM and N-central. Additionally, we are not aware of any SolarWinds free tools or any of our agents that were affected by this vulnerability.

Our investigations and remediation efforts for these matters are still ongoing, and we will continue to update the Security Advisory page<http://itsm1.solarwinds.com/TB9EJ0i080003Jg10QGJvS0> on our website as more information becomes available to us throughout our investigations.

Visit www.solarwinds.com/securityadvisory<http://itsm1.solarwinds.com/K00JGEJ00QJh1Cv3i0890S0> for more detailed information.

We also encourage you to review the Form 8-K that we filed this morning with the SEC. You can find this filing on the investor relations page<http://itsm1.solarwinds.com/M90S0J03EJG8v00DQ0iJ0i1> of our website and on the SEC’s website.

Security and trust in our software are the foundation of our commitment to our customers. Thank you for your continued patience and partnership as we continue to work through this issue.

Sincerely,

Kevin Thompson
President & CEO
SolarWinds, Inc










[Network]<http://itsm1.solarwinds.com/dc/xXwBeusar0b5kKp3iDd1qqGUT7Nxv_vyqB3jO0k2VQSuigWhue1NdFTqLL7IL_4lOK_AFFlvSVwzI2UtTE64yg==/dv0Qi8d9JJ0S300JGy010E0>

[Applications]<http://itsm1.solarwinds.com/dc/xXwBeusar0b5kKp3iDd1qgF6xZqbfZk4u9hcxxw1HoINQ4reqD4PoPZaGod6lQRHOXBOumCt88aysbtT5JXmHw==/dv0Qi8d9JJ0S300JGy010E0>

[Database]<http://itsm1.solarwinds.com/dc/xXwBeusar0b5kKp3iDd1qjkUoYy9u-fSbTFbK_PiE2cI1Zt09evFhX14oMkLVT3eglqbhqNNHLBzF4_8kvoQkW_4dhjat-M1ojbqzK2pShA=/dv0Qi8d9JJ0S300JGy010E0>


[Security]<http://itsm1.solarwinds.com/dc/xXwBeusar0b5kKp3iDd1qq8tsRXcN7J4kMuO7dpU98LBfYV7Lem53DnfD1jYcDdtt9tk5wAFSRYusewzKafCcKdspYkTzlNYeY-z3Qnet70=/dv0Qi8d9JJ0S300JGy010E0>

[IT Help Desk]<http://itsm1.solarwinds.com/dc/xXwBeusar0b5kKp3iDd1quvxn5xg1xJlINpxSq3NX--b4yhYPSLyZqX57LZ6PRzS/dv0Qi8d9JJ0S300JGy010E0>

[Cloud]<http://itsm1.solarwinds.com/dc/xXwBeusar0b5kKp3iDd1qrWMJzirP-FcAjBikx9cAHsyciLAA983gKpccu15i75l/dv0Qi8d9JJ0S300JGy010E0>





This email was sent to: grant at mveca.org<http://itsm1.solarwinds.com/dc/VEtvJKCE-IE6sy5Sj6AQwAD1UIUKn4lSwEv3dg8pHRk=/dv0Qi8d9JJ0S300JGy010E0>

Unsubscribe<http://itsm1.solarwinds.com/dc/nFY2ebWXhJfpWsVdAL8QkUYH9KYFh3KIjX6GzkrSStQBs2dG9a1wzoRtDYMDTl4s1lY2SWbD3UP6XgOvZoVmLQ==/dv0Qi8d9JJ0S300JGy010E0> | Change Preferences<http://itsm1.solarwinds.com/dc/nFY2ebWXhJfpWsVdAL8QkUYH9KYFh3KIjX6GzkrSStQBs2dG9a1wzoRtDYMDTl4s1lY2SWbD3UP6XgOvZoVmLQ==/dv0Qi8d9JJ0S300JGy010E0>

SolarWinds, 7171 Southwest Parkway, Building 400, Austin, TX 78735 | www.solarwinds.com<http://itsm1.solarwinds.com/dc/5Geu3fRir2bLRKyiEEiG2n3sfiG4Gvv6Yxyw6RwgW5g=/dv0Qi8d9JJ0S300JGy010E0>





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20201215/060576b3/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.jpg
Type: image/jpeg
Size: 3473 bytes
Desc: image005.jpg
URL: <http://listserv.mveca.org/pipermail/tech-l/attachments/20201215/060576b3/attachment.jpg>

More information about the Tech-l mailing list