SUPERNOVA UPDATE AND FAQ – DECEMBER 24, 2020

Posted on December 24, 2020 by Matt Miller

What is SUPERNOVA?

Over the last few days, you may have become aware of reported malware, now referred to as SUPERNOVA. Based on our investigation, this malware could be deployed through an exploitation of a vulnerability in the Orion Platform.

SolarWinds provided two hotfix updates on December 14 and 15, 2020 that contained security enhancements, including those designed to prevent certain versions of the Orion Platform products from being exploited in a SUPERNOVA attack.

The company also released similar updates for all other supported versions of the Orion Platform products and a fix for customers on unsupported versions of these products.

For more information on SUPERNOVA, please see our Security Advisory page at http://www.solarwinds.com/securityadvisory and our FAQ at www.solarwinds.com/securityadvisory/faq.

 Does this impact MSP?  

The vulnerability that can be exploited to deploy SUPERNOVA is in the Orion Platform products and does not impact the SolarWinds MSP products.

SolarWinds MSP operates separately as a wholly-owned subsidiary of our parent SolarWinds Corp. We have our own executive leadership team. We have different support, success, and sales teams and systems, and our R&D teams have their own leadership and separate repositories and build environments.

What if I do use Orion?

For Orion customers, Orion Platform versions 2019.4 HF6 and 2020.2.1 HF2were designed to protect you from both SUNBURST and SUPERNOVA.

We recommend that all active maintenance customers of Orion Platform products, except those customers already on Orion Platform versions 2019.4 HF6 or 2020.2.1 HF2, apply the latest updates related to the version of the product they have deployed, as soon as possible.

Today, December 24, 2020, SolarWinds released similar updates for all other supported versions of our Orion Platform products and a fix for customers on unsupported versions of these products. Now that these updates are available, we are providing the information that Orion Platform customers need to mitigate this issue.

What is SolarWinds doing to address this?

Like other software companies, we seek to responsibly disclose vulnerabilities in our products to our customers while also mitigating the risk that bad actors seek to exploit those vulnerabilities by releasing updates to our products before we disclose the vulnerabilities. The updates for SUPERNOVA were originally issued on December 14 and 15, and additional updates were issued on December 24, 2020 to further assist customers on other versions.

We constantly work to enhance the security of our products and to protect our customers and ourselves because hackers and other cybercriminals are always seeking new ways to find and attack their victims. We work closely with our customers to address and remediate any potential concerns, and we encourage all customers to run only supported versions of our products and to upgrade to the latest versions to the get the full benefit of our updates, improvements, and enhancements.

Additionally, we have been working with third-party cybersecurity experts to assist us in further ensuring the security of our build environment.

Additional Resources:

Orange Matter blog: https://orangematter.solarwinds.com/2020/12/24/an-update-on-supernova-and-our-support-for-customers/

Security Advisory page: solarwinds.com/securityadvisory

CERT Advisory: solarwinds.com/certadvisory

This entry was posted in N-sight. Bookmark the permalink.