SolarWinds cannot catch a break. From the start of 2021 onward, it’s been at the core of news coverage regarding an attack Microsoft’s president Brad Smith has referred to as “[…] The largest and most sophisticated attack the world has ever seen.” And now, it’s back in the news because Microsoft has discovered a serious security vulnerability with its Serv-U Managed File Transfer Server and Serv-U Secured FTP Server (via BleepingComputer).
Here’s how SolarWinds describes the threat: “The vulnerability exists in the latest Serv-U version 15.2.3 HF1 released May 5, 2021, and all prior versions. A threat actor who successfully exploited this vulnerability could run arbitrary code with privileges. An attacker could then install programs; view, change, or delete data; or run programs on the affected system.”
SolarWinds recommends installing its freshly deployed hotfix immediately to prevent the vulnerability from causing undue headaches. If you’ve been following the news, you’ll know the past few months of its operations have featured more than enough undue headaches due to vulnerabilities and unpatched systems.
SolarWinds is not alone in the current sweep of less-than-ideal media attention toward IT infrastructure software development companies. Kaseya also recently received a one-two punch from threat actors intent on stirring the pot, once again with Microsoft attached to the discussion.
Perhaps SolarWinds will have a quiet final quarter of 2021, one devoid of issues. Until then, if you’re an affected customer utilizing Serv-U 15.2.3 HF1 or any prior Serv-U iterations, grab the hotfix linked above and stay protected.