Important Announcement: Revocation Of SolarWinds Code-Signing Certificate
Having released security patches and upgrades to their Orion® platform, SolarWinds® have announced that, due to the nature of the compromise, they are going to revoke the code-signing certificate. The impact of this needs to be understood and managed accordingly, as a lack of action may affect your monitoring service.
The announcement today (15th January) states that on the 8th March 2021 the code-signing certificate will be actively revoked. Applications signed with that certificate may then be affected by your organisation’s internal security policies and endpoint protection software. These are likely to be monitoring the validity of the certificates on your installed software, and if they see a certificate in active use with a revoked status they are likely to interfere with the correct running of the software.
This certificate is used by more than just the Orion platform, so this impacts additional SolarWinds applications. Those affected need to be upgraded to a new version, which has a new code-signing certificate.
SolarWinds are maintaining a page for this certificate change, New Digital Code-Signing Certificates, in the existing Security Advisory section of their website. It should be your go-to for regular updates, so please ensure you review it if you have not already done so.
As this update requires an upgrade, the purpose of this blog is firstly to highlight that if you are running an application affected by the code-signing certificate revocation, you need to act quickly and plan for your application to be upgraded so that it continues to function.
We have provided guidance on how best to upgrade your Orion platform from a risk-averse position in our previous blog and webinar; however, for this circumstance an in-place upgrade is likely to be the requirement. For those of you running affected application versions on old operating systems such as Windows Server 2012 or Windows Server 2008 (I know you still exist!), again this is an opportunity for you to get that migration project in place, upgrade the application and take advantage of all the new features you have been missing out on.
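To plan the upgrade it helps to know which installed binaries are still signed with the certificate being revoked. The following is an added example, not code from SolarWinds or from this blog: the function name `Get-SignerInventory` is hypothetical, and the install path and thumbprint are placeholders you must replace with your own path and the value from the vendor advisory.

```powershell
# Added example (not vendor code): list signed binaries under a folder and
# flag those whose signer certificate matches a given thumbprint.
function Get-SignerInventory {
    [CmdletBinding()]
    param(
        # Install folder to scan; pass the path used on your own server.
        [Parameter(Mandatory)][string]$Root,
        # Thumbprint of the certificate being revoked, from the vendor advisory.
        [Parameter(Mandatory)][string]$OldThumbprint
    )

    # Normalise so pasted thumbprints with spaces or lower case still match.
    $wanted = ($OldThumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    $extensions = '.exe', '.dll', '.msi', '.sys', '.ps1'

    Get-ChildItem -Path $Root -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $extensions -contains $_.Extension.ToLowerInvariant() } |
        ForEach-Object {
            $sig  = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $cert = $sig.SignerCertificate
            if ($null -eq $cert) { return }   # unsigned file: nothing to report

            [pscustomobject]@{
                Path        = $_.FullName
                Status      = $sig.Status     # e.g. Valid, HashMismatch, NotTrusted
                Subject     = $cert.Subject
                Thumbprint  = $cert.Thumbprint
                NotAfter    = $cert.NotAfter
                UsesOldCert = ($cert.Thumbprint -eq $wanted)
            }
        }
}

# Placeholder values (assumptions): replace both before running.
$inventory = Get-SignerInventory -Root 'C:\Path\To\SolarWinds' `
                                 -OldThumbprint '<OLD-CERT-THUMBPRINT>'

# Summary per signer certificate, then the files that still need the upgrade.
$inventory | Group-Object Thumbprint, Subject | Select-Object Count, Name
$inventory | Where-Object UsesOldCert | Select-Object Path, Status, NotAfter
```

Run it before and after the upgrade: once the new version is installed, no file should report `UsesOldCert` as true.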
- You need to upgrade by 8th March 2021 to ensure correct operation of your affected SolarWinds application
- Those running Orion versions 2020.x should upgrade to 2020.2.4, which will be released during the week of 18th January
- Those running Orion versions within the 2019.4.x releases should upgrade either to 2020.2.4 or 2019.4.2, with that version release expected during the week of 25th January
- For the affected non-Orion products, updates for these will be released over the same time period, so you are advised to keep an eye out for communications from SolarWinds and within the SolarWinds Customer Portal
- This is only a best-practice clean-up in response to the Sunburst and Supernova vulnerabilities and is not an indication of further compromise
Orion Products Affected by Digital Code-Signing Certificate Revocation

| Orion Platform Version | Recommended Action |
|---|---|
| 2020.2.4 | No action needed |
| 2020.2.1 HF 2, 2020.2.1 HF 1, 2020.2 HF 1 | Upgrade to 2020.2.4 |
| 2019.4.2 | No action needed |
| 2019.4 HF 6, 2019.4 HF 5, 2019.4 HF 4 | Upgrade to 2020.2.4 or upgrade to 2019.4.2 |

Non-Orion Platform Products

| Portfolio | Product Name | Affected Versions |
|---|---|---|
| Database | Database Performance Analyzer (DPA) | |
| Security | Security Event Manager (SEM) | |
| | Access Rights Manager (ARM) | |
| Application Performance Management | Pingdom (versions of the WPM recorder) | |
| Paid Tools | Kiwi CatTools | 3.11.6 |
| | Kiwi Syslog Server | |
| | Dameware Remote Support, Dameware Mini Remote Control | |
| | Engineer’s Tool Set | |

SolarWinds Orion Assistance Program
To support customers, SolarWinds have created the Orion Assistance Program (OAP). The program provides upgrade and hotfix assistance to Active Maintenance SolarWinds customers by leveraging professional consulting resources who are experienced with the Orion Platform and its products. These guidance and support services are provided at no additional charge to our Active Maintenance customers who were/are running one of the Orion Platform versions affected by SUNBURST or SUPERNOVA. OAP services also include assistance with your digital code-signing certificate update.
If you have any further questions, need any specific guidance or would like to take advantage of the Orion Assistance Program, please contact our support on firstname.lastname@example.org or 01903 340993. If you are raising a case with SolarWinds directly and need assistance with this, please provide us with the SolarWinds Case reference.