Patch now! Malicious code attacks on Solarwind's Web Help Desk observed
Attackers are currently exploiting a critical vulnerability in Solarwind's Web Help Desk. A security patch is available, but can sometimes cause problems.
(Image: Sashkin/Shutterstock.com)
The US Cybersecurity & Infrastructure Security Agency (CISA) warns of attacks on the Solarwinds Web Help Desk (WHD) customer support software. Attackers execute malicious code and take full control of computers.
Videos by heise
The warning about the attacks is based on a CISA entry. The "critical" vulnerability threatens all WHD versions up to and including 12.8.3. An update is now available.
Waiting for another hotfix
However, as a post by Solwarwinds shows, the security patch can cause problems. The developers state that an upgrade to 12.8.3 is mandatory before installing WHD 12.8.3 Hotfix 1.
They also recommend that admins only install the hotfix if the WHD servers are publicly accessible. Otherwise, they recommend waiting until they release a revised hotfix. It is not yet clear when this will be the case.
Hotfix 1 can also cause problems if SAML Single Sign-On is active. After installation, the login service should no longer work.
(des)
