Open in App
  • Local
  • U.S.
  • Election
  • Politics
  • Sports
  • Lifestyle
  • Education
  • Real Estate
  • Newsletter
    • ITPro

    SolarWinds urges customers to patch critical Web Help Desk flaw

    By Ross Kelly,

    2024-08-19

    https://img.particlenews.com/image.php?url=3T9rSg_0v2grOGO00

    SolarWinds has issued a warning to customers after the discovery of a critical vulnerability in the firm’s Web Help Desk solution.

    The vulnerability, tracked as CVE-2024-28986 , is a Java deserialization vulnerability that could be exploited to achieve remote code execution, the company confirmed in an advisory last week.

    “SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine,” the company said.

    SolarWinds’ IT help desk software is used by a host of organizations globally, including private enterprises, government departments, and healthcare firms to automate help desk management processes.

    SolarWinds confirmed a hotfix has been made available for users, and applies to Web Help Desk 12.8.3. This will require admins to manually add and modify specific files for the patch to work.

    As part of this, the firm recommends admins create backup copies of original files before replacing them. This will ensure a smoother process in the event that the hotfix was not applied correctly.

    Recommendations included in the SolarWinds advisory include:

    • “If your WHD deployment on a public-facing server, install WHD 12.8.3 Hotfix 1.”
    • “If your WHD deployment is NOT on a public-facing server, you can wait until SolarWinds releases a new hotfix.”

    No other SolarWinds products or solutions are affected by the flaw.

    SolarWinds users urged to patch out of an ‘abundance of caution’

    RELATED WHITEPAPER

    https://img.particlenews.com/image.php?url=3IeJF4_0v2grOGO00

    (Image credit: NinjaOne)

    Evaluate your patch readiness and assess potential solutions

    In its advisory, SolarWinds confirmed the vulnerability could be exploited, but noted it has been unable to reproduce the flaw without authentication after “thorough testing”.

    Despite this, the firm insisted users should apply the patch immediately. The flaw was given a critical severity score of 9.8, SolarWinds revealed, marking it as ‘critical’.

    “Out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available,” the company said in its advisory.

    Expand All
    Read in NewsBreak
    Comments /
    Add a Comment
    YOU MAY ALSO LIKE
    Local News newsLocal News
    Woman catches Texas Roadhouse managers allegedly scheming to terminate an injured worker
    NewsNinja23 days ago
    Higher Death Rates Prompt Pfizer to Withdraw Medication Over Serious Safety Concerns
    Uncovering Florida1 day ago
    6.6 Magnitude Earthquake Strikes Off the Coast of Canada, Felt in Washington State
    Bellingham Metro News12 days ago
    Fentanyl-meth combo ravages homeless in Denver, so why aren't there better treatments?
    David Heitz21 days ago
    Why Your Cat Chooses to Sleep Near You
    Vision Pet Care8 hours ago
    COVID-19 Treatment Recalled Nationwide Due to Serious Health Risk
    Uncovering Florida4 days ago
    A cyber criminal group behind an MFA bypass operation promised hackers “profit within minutes” – they’re now facing lengthy jail sentences
    ITPro23 days ago
    Elastic returns to open source, but can it regain the community’s trust? Some industry players aren’t holding their breath
    ITPro22 days ago
    4 New Cases of Severe West Nile Virus Detected
    Robert Russell Shaneyfelt8 days ago
    Vision screenings for driver’s license renewals will be required in ’25 to enhance driver safety
    Northern Kentucky Tribune8 days ago
    One of the Top 5 Best Hamburgers I have ever eaten is located in this suburb of Illinois.
    Chicago Food King9 days ago
    Armed Robbery of USPS Mail Carrier: Two Charged
    Morristown Minute4 days ago
    Cyber workforce growth slows as tight budgets hit hiring targets — and it’s going to create a more dangerous threat landscape and send burnout through the roof
    ITPro17 days ago
    This Is Why Idaho Is The State People Are Least Likely To Move Away From
    Shop with Me Mama10 days ago
    Proposed law will require gas stoves to come with a warning label
    The HD Post12 days ago
    Order Free COVID-19 Tests at the End of September
    Alameda Post3 days ago
    SuiteWorld 2024 live: All the news and updates as they happen
    ITPro19 days ago
    Everything you need to know about the Fortinet data breach
    ITPro15 days ago
    Big Lots files bankruptcy amid closing 74 stores in California
    The HD Post19 days ago
    So you lost your job at Klarna to AI – at least your former coworkers get a pay rise
    ITPro22 days ago
    Children living in car on Denver’s streets as advocate can't be heard
    David Heitz4 days ago
    Empowering enterprises with AI: Entering the era of choice
    ITPro18 days ago
    Border Patrol’s refusal to rescue an injured man by cutting the wall shows a larger “cultural problem,” former CBP commissioner says
    Arizona Luminaria8 days ago
    NJ Meth Trafficker Sentenced to 12+ Years in Federal Prison
    Morristown Minute3 days ago
    Major Bust Uncovers 10,000 Pounds of Illegally Harvested Berries in Florida
    Uncovering Florida8 days ago
    UK convenes international talks on cyber security
    ITPro12 days ago
    New law allows tenants to report on-time rent payments to help credit score
    The HD Post4 days ago
    New international AI treaty is a "welcomed step" to improving safety, reducing potential harms
    ITPro19 days ago
    5 Duval students arrested for threatening schools, the youngest 11 years old
    Jacksonville Today16 days ago
    Rare SE Georgia Earthquake Recorded in August, State's Farthest South in 10 Years
    DeanLand27 days ago

    Comments / 0

    Community Policy