Log4J: Microsoft discovers attackers targeting undisclosed SolarWinds vulnerability.

"Taking a closer look revealed you could feed Serv-U with data and it'll build an LDAP query with your unsanitized input! This could be used for log4j attack attempts, but also for LDAP injection," he wrote. "Solarwinds immediately responded, investigated and fixed the #vulnerability. Their response is the quickest I've seen, really amazing work on their part!"

Microsoft later released a blog about the issue, tracked as CVE-2021-35247, and said it is an "input validation vulnerability that could allow attackers to build a query given some input and send that query over the network without sanitation." In their advisory, SolarWinds said the Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. The attempted attacks against Serv-U were unsuccessful, according to SolarWinds. "SolarWinds has updated the input mechanism to perform additional validation and sanitization. No downstream effect has been detected as the LDAP servers ignored improper characters," the company said, adding that it affects 15.2.5 and previous versions.

NTT Application Security's Ray Kelly told ZDNet that the vulnerability surprised and concerned him, considering SolarWinds is fresh on the heels of their previous breach that affected multiple customers. "Given that the Log4j disclosure was published in December, this Open Source vulnerability should have been of the utmost priority for SolarWinds. While it appears that SolarWinds was not susceptible to have the vulnerable component exploited, it's still not something you want in your software product," Kelly said. "Most all application security products can detect the Log4j vulnerability giving developers the ability to quickly identify and fix issue."

Microsoft said it discovered previously undisclosed issues with the SolarWinds Serv-U software while looking. Microsoft urged customers to apply the security updates explained in the SolarWinds advisory and said customers can use their tools to identify and remediate devices that have the vulnerability. Microsoft Defender Antivirus and Microsoft Defender for Endpoint also detect behavior related to the activity, they added.

Netenrich's John Bambenek added that Microsoft's warning and SolarWinds' quick response time represented a positive example of how vulnerabilities need to be dealt with. "This is the kind of vulnerability and research cooperation we need, where a major tech company with visibility to see the attacks reaches out to the software company, and a fix is rushed to production," Bambenek said.

The NSA did not claim that Russian hackers, who have been exploiting a VMware flaw to access data, are involved in the SolarWinds compromise. But they left open the possibility that hackers could use the SolarWinds compromise to then later use VMware’s flaw to spy on the Pentagon and the U.S.