Important Announcement: Revocation Of SolarWinds Code-Signing Certificate

18 Jan 2021 | Announcements, Blog Posts, Useful Information

Having released security patches and upgrades to their Orion® platform, SolarWinds® have announced that due to the nature of the compromise, they are going to be revoking the code-signing certificate. The impact of this needs to be understood and managed accordingly, as a lack of action may affect your monitoring service.

The announcement today (15th January) states that on the 8th March 2021 the code-signing certificate will be actively revoked, leading to the potential for applications running with that certificate to be affected by your organisation’s internal security policies and endpoint protection software. These are likely to monitor the validity of the certificates on your installed software and, on seeing that a certificate in active use has been revoked, are likely to interfere with the correct running of that software.

This certificate is used by more than just the Orion platform and therefore this impacts additional SolarWinds applications, with those affected needing to be upgraded with a new version, which has a new code-signing certificate.
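
To see which installed binaries still carry the old certificate ahead of the revocation date, you can inventory Authenticode signers on each SolarWinds host. The script below is an added example, not SolarWinds or Prosperon code; the default install path and the thumbprint placeholder are assumptions, and the real thumbprint must be taken from the SolarWinds advisory.

```powershell
# Added example: list Authenticode signers of binaries under a SolarWinds install
# directory and flag files signed with the certificate scheduled for revocation.
param(
    # Assumption: install root; change to match your deployment.
    [string]$Root = 'C:\Program Files (x86)\SolarWinds',
    # Placeholder: thumbprint of the old certificate, as published by SolarWinds.
    # This page does not give it.
    [string]$OldThumbprint = '<OLD-CERT-THUMBPRINT-FROM-ADVISORY>'
)

# Normalise the thumbprint (strip spaces copied from a certificate dialog).
$old = ($OldThumbprint -replace '\s', '').ToUpperInvariant()

$results = Get-ChildItem -Path $Root -Recurse -File -Include *.exe, *.dll, *.msi -ErrorAction SilentlyContinue |
    ForEach-Object {
        $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
        $cert = $sig.SignerCertificate
        [pscustomobject]@{
            Path       = $_.FullName
            Status     = $sig.Status          # Valid, NotSigned, HashMismatch, ...
            Subject    = if ($cert) { $cert.Subject } else { $null }
            Thumbprint = if ($cert) { $cert.Thumbprint } else { $null }
            NotAfter   = if ($cert) { $cert.NotAfter } else { $null }
        }
    }

# One row per distinct signing certificate found under $Root.
$results | Where-Object Thumbprint |
    Group-Object Thumbprint |
    ForEach-Object {
        [pscustomobject]@{
            Files      = $_.Count
            Thumbprint = $_.Name
            Subject    = $_.Group[0].Subject
            OldCert    = ($_.Name -eq $old)
        }
    } | Sort-Object Files -Descending | Format-Table -AutoSize | Out-String

# Files that the upgrade still needs to replace.
$affected = @($results | Where-Object { $_.Thumbprint -eq $old })
Write-Output ("{0} file(s) signed with the old certificate" -f $affected.Count)
$affected | Select-Object Path, Status
```

Running it again after the upgrade gives a quick check that no binaries signed with the old certificate remain under the install directory.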

SolarWinds are maintaining a page for this certificate change, New Digital Code-Signing Certificates, in the existing Security Advisory section of their website. This should be your go-to for regular updates, so please ensure you review it if you have not already done so.

As this update requires an upgrade, the purpose of this blog is firstly to highlight that if you are running an application affected by the code-signing certificate revocation, you need to act quickly to plan its upgrade so that it continues to function.

We have provided guidance on how best to upgrade your Orion platform in order to take a risk-averse position in our previous blog and webinar; however, for this circumstance an in-place upgrade is likely to be the requirement. For those of you running affected application versions on old OSs such as Windows Server 2012 or Windows Server 2008 (I know you still exist!), again this is an opportunity for you to get that migration project in place, upgrade the application and take advantage of all the new features you have been missing out on.

Quick Facts:

  1. You need to upgrade by 8th March 2021 to ensure correct operation of your affected SolarWinds application
  2. Those running Orion versions 2020.x should upgrade to 2020.2.4, which will be released during the week of 18th January
  3. Those running Orion versions within the 2019.4.x releases should upgrade either to 2020.2.4 or 2019.4.2, with that version release expected during the week of 25th January
  4. For the affected non-Orion products, updates will be released over the same time period, so you are advised to keep an eye out for communications from SolarWinds and within the SolarWinds Customer Portal
  5. This is only a response to the Sunburst and Supernova vulnerabilities to perform a best practice clean-up and is not an indication of further compromise

Orion Products Affected by Digital Code-Signing Certificate Revocation

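| Orion Platform Version | Recommended Action |
|---|---|
| 2020.2.4 | No action needed |
| 2020.2.1 HF 2 | Upgrade to 2020.2.4 |
| 2020.2.1 HF 1 | Upgrade to 2020.2.4 |
| 2020.2.1 | Upgrade to 2020.2.4 |
| 2020.2 HF 1 | Upgrade to 2020.2.4 |
| 2020.2 | Upgrade to 2020.2.4 |
| 2019.4.2 | No action needed |
| 2019.4 HF 6 | Upgrade to 2020.2.4 OR upgrade to 2019.4.2 |
| 2019.4 HF 5 | Upgrade to 2020.2.4 OR upgrade to 2019.4.2 |
| 2019.4 HF 4 | Upgrade to 2020.2.4 OR upgrade to 2019.4.2 |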

Non-Orion Platform Products

| Portfolio | Product Name | Affected Versions |
|---|---|---|
| Database | Database Performance Analyzer (DPA) | 2019.4.1 SR1, 2020.2, 2020.2 HF2, 2020.2.1 SR1, 2020.4 RC1, 2020.4 RC2, 2020.4 RC3 |
| Security | Security Event Manager (SEM) | 2019.4.1, 2020.2, 2020.2.1, 2020.4 |
| | Access Rights Manager (ARM) | 2019.4.3, 2020.2, 2020.2.1, 2020.2.2, 2020.2.3 |
| | Patch Manager | 2020.2, 2020.2.1 |
| Application Performance Management | Pingdom (versions of the WPM recorder) | 2020.2.0.6002, 2020.2.1.6402, 2020.2.2.6824 |
| Paid Tools | Kiwi CatTools | 3.11.6 |
| | Kiwi Syslog Server | 9.7.1, 9.7 |
| | Dameware Remote Support, Dameware Mini Remote Control | 12.1.1 |
| | Serv-U | 15.1.7 HF5, 15.2, 15.2.1 |
| | ipMonitor | 11.1.0 |
| | Engineer’s Tool Set | 2020.2, 2020.2.1, 2020.2.2 |
| | Mobile Admin | 8.2.2, 8.2.3 |

SolarWinds Orion Assistance Program

To support customers, SolarWinds have created the Orion Assistance Program (OAP). The program provides upgrade and hotfix assistance to Active Maintenance SolarWinds customers by leveraging professional consulting resources who are experienced with the Orion Platform and its products. These guidance and support services are provided at no additional charge to our Active Maintenance customers who were/are running one of the Orion Platform versions affected by SUNBURST or SUPERNOVA. OAP services also include assistance with your digital code-signing certificate update.

If you have any further questions, need any specific guidance or would like to take advantage of the Orion Assistance Program, please contact our support on support@prosperon.co.uk or 01903 340993. If you are raising a case with SolarWinds directly and need assistance with this, please provide us with the SolarWinds Case reference.

Mark Roberts

Technical Director

Mark Roberts is the Technical Director at Prosperon Networks and a SolarWinds MVP. Mark has been helping customers meet their monitoring needs with SolarWinds IT Management Solutions for over 14 years.
