Microsoft discovers undisclosed bug in SolarWinds server, while monitoring threats to Java logging system

AgenciesUpdated: Saturday, January 22, 2022, 03:10 PM IST
article-image
SolarWinds said the Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized./ Representative image |

While monitoring threats related to a Java logging system called 'Apache log4j2', Microsoft researchers have discovered a previously undisclosed bug in the SolarWinds software that was compromised last year.

During the sustained monitoring of threats taking advantage of the 'Log4j2' vulnerabilities, the Microsoft Threat Intelligence Centre (MSTIC) team observed activity related to attacks being propagated via a previously undisclosed vulnerability in the SolarWinds 'Serv-U' software.

"We discovered that the vulnerability is an input validation vulnerability that could allow attackers to build a query given some input and send that query over the network without sanitation," Microsoft said in its security update.

SolarWinds said the Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitised.

"SolarWinds has updated the input mechanism to perform additional validation and sanitisation. No downstream affect has been detected as the LDAP servers ignored improper characters," the company said, adding that it affects 15.2.5 and previous versions.

Microsoft reported the discovery to SolarWinds and they immediately patched the vulnerability.

"SolarWinds has updated the input mechanism to perform additional validation and sanitisation. To ensure proper input validation is completed in all environments, SolarWinds recommends scheduling an update to the latest version of Serv-U," said the company.

Microsoft warned that the Russia-based cyber criminals, behind the massive SolarWinds software attack last year, are on the prowl again, this time targeting organisations integral to the global IT supply chain.

The Russian nation-state actor 'Nobelium' has targeted at least 140 resellers and technology service providers in global IT supply chains, it said.

(With inputs from IANS)

(To receive our E-paper on whatsapp daily, please click here. To receive it on Telegram, please click here. We permit sharing of the paper's PDF on WhatsApp and other social media platforms.)

RECENT STORIES

Mumbai: 20-year-old mobile thief gets caught after he replaces SIM card in stolen handset to chat...

Mumbai: 20-year-old mobile thief gets caught after he replaces SIM card in stolen handset to chat...

Mumbai: SRA declares all slum pockets of city as approved slums to expedite redevelopment

Mumbai: SRA declares all slum pockets of city as approved slums to expedite redevelopment

Reasons why Aryan Khan was given a clean chit

Reasons why Aryan Khan was given a clean chit

Lonavala school closure: Education dept says it should run for a year

Lonavala school closure: Education dept says it should run for a year

Mumbai: 120 lifeguards, jet skis and kayaks deployed at beaches for monsoon

Mumbai: 120 lifeguards, jet skis and kayaks deployed at beaches for monsoon