checks against known vulnerable versions
An Agent Procedure for a ‘Malicious DLL Scanner’ which checks the environment for (evidence of compromise / traces of infection) from the known Solarwinds Orion DLL version using the SHA256 known vulnerable version hashes for the DLL. Kaseya recommends a defense in depth approach, and this Malicious DLL Scanner should be used in conjunction with other layers of defensive architecture for optimal outcomes.
Solarwinds Version Check has no reviews.
If you get an error in Line 7, please make sure that you have created the custom fields.
1. go to the Audit tab -> System Info page
2. Click the "New Custom Field" and create a String field called "SolarwindsDLLStatus". Repeat this for a field called "SolarWindsDLLHash"
You can pick different names for these fields if you like - you just need to make sure that you edit the procedure to update the fields that you created - the custom fields are updated by name, so a change to the field name does require that the name be exactly the same for the procedure to update them.