Hier finden Sie wichtige und aktuelle Informatoinen zu unseren Herstellern und Produkten
In keeping with industry best practices to help protect you and your data, users of SolarWinds® Backup will be required to enable two-factor authentication (2FA) in order to continue using the product, as of the upcoming February 13, 2021, release.
To see which of your users have already taken this step, review the user management tab:
Any users that have not already done so will be guided through 2FA configuration when they log in, beginning with this release.
SolarWinds Security Advisory
Recent as of December 20, 2020, 9:30pm CST
SolarWinds was the victim of a cyberattack to our systems that inserted a vulnerability (SUNBURST) within our Orion® Platform software builds for versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1, which, if present and activated, could potentially allow an attacker to compromise the server on which the Orion products run. This attack was very sophisticated supply chain attack, which refers to a disruption in a standard process resulting in a compromised result with a goal of being able to attack subsequent users of the software. In this case, it appears that the code was intended to be used in a targeted way as its exploitation requires manual intervention. We’ve been advised that the nature of this attack indicates that it may have been conducted by an outside nation state, but SolarWinds has not verified the identity of the attacker.
*NOTE: Please note DPAIM is an integration module and is not the same as Database Performance Analyzer (DPA), which we do not believe is affected.
SolarWinds products NOT KNOWN TO BE AFFECTED by this security vulnerability:
Digital Certificate Update for MSP Products
Recent as of December 18, 2020
As posted here: https://status.solarwindsmsp.com/2020/12/17/digital-certificate-update-for-msp-products/, we made the decision to digitally re-sign some of our products and have requested (and received) a new digital certificate, which reflects a recertification of the authenticity of SolarWinds products, both current and future.
As an update to our previous notification, we have just received an extension on the revocation date of our current digital certificate to February 22, 2021, 11:59 PST.