SolarWinds urges users to patch Microsoft-discovered security vulnerability

SolarWinds keeps finding itself in the hot seat.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

What you need to know

What you need to know

SolarWinds cannot catch a break. From the start of 2021 onward, it’s been at the core of news coverage regarding an attack Microsoft’s president Brad Smithhas referred to as"[…] The largest and most sophisticated attack the world has ever seen." And now, it’s back in the news because Microsoft has discovered a serious security vulnerability with its Serv-U Managed File Transfer Server and Serv-U Secured FTP Server (viaBleepingComputer).

Here’s how SolarWinds describes the threat: “The vulnerability exists in the latest Serv-U version 15.2.3 HF1 released May 5, 2021, and all prior versions. A threat actor who successfully exploited this vulnerability could run arbitrary code with privileges. An attacker could then install programs; view, change, or delete data; or run programs on the affected system.”

SolarWinds recommends installingits freshly deployed hotfix immediately to prevent the vulnerability from causing undue headaches. If you’ve been following the news, you’ll know thepast few months of its operationshave featured more than enough undue headaches due to vulnerabilities and unpatched systems.

SolarWinds is not alone in the current sweep of less-than-ideal media attention toward IT infrastructure software development companies. Kaseya also recently received a one-two punch from threat actors intent on stirring the pot, once again withMicrosoft attached to the discussion.

Perhaps SolarWinds will have a quiet final quarter of 2021, one devoid of issues. Until then, if you’re an affected customer utilizing Serv-U 15.2.3 HF1 or any prior Serv-U iterations, grab the hotfix linked above and stay protected.

Get the Windows Central Newsletter

Get the Windows Central Newsletter

All the latest news, reviews, and guides for Windows and Xbox diehards.

Robert Carnevale is the News Editor for Windows Central. He’s a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author ofCold War 2395. Have a useful tip? Send it to robert.carnevale@futurenet.com.