Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News
Whatsapp

Microsoft Discovers an Undisclosed Bug in SolarWinds Server

IANS
IANS
Meet the voice behind Indo-Asian News Service (IANS), a storyteller navigating the currents of global events with precision and depth. Crafting narratives that bridge cultures, IANS brings you the pulse of the world in every word

While monitoring threats related to a Java logging system called ‘Apache log4j2’, Microsoft researchers have discovered a previously undisclosed bug in the SolarWinds software that was compromised last year.

During the sustained monitoring of threats taking advantage of the ‘Log4j2’ vulnerabilities, the Microsoft Threat Intelligence Centre (MSTIC) team observed activity related to attacks being propagated via a previously undisclosed vulnerability in the SolarWinds ‘ Serv-U software.

“We discovered that the vulnerability is an input validation vulnerability that could allow attackers to build a query given some input and send that query over the network without sanitation,” Microsoft said in its security update.

SolarWinds said the Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized.

“SolarWinds has updated the input mechanism to perform additional validation and sanitisation. No downstream affect has been detected as the LDAP servers ignored improper characters,” the company said, adding that it affects 15.2.5 and previous versions.

Microsoft reported the discovery to SolarWinds, and they immediately patched the vulnerability.

“SolarWinds has updated the input mechanism to perform additional validation and sanitisation. To ensure proper input validation is completed in all environments, SolarWinds recommends scheduling an update to the latest version of Serv-U,” said the company.

Microsoft warned that the Russia-based cybercriminals behind the massive SolarWinds software attack last year, are on the prowl again, this time targeting organizations integral to the global IT supply chain.

It said that the Russian nation-state actor ‘Nobelium’ has targeted at least 140 resellers and technology service providers in global IT supply chains.

Recomended

Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

More from this topic