Solarwinds Version Check

checks against known vulnerable versions

Description

An Agent Procedure for a ‘Malicious DLL Scanner’ which checks the environment for (evidence of compromise / traces of infection) from the known Solarwinds Orion DLL version using the SHA256 known vulnerable version hashes for the DLL. Kaseya recommends a defense in depth approach, and this Malicious DLL Scanner should be used in conjunction with other layers of defensive architecture for optimal outcomes.

Developer
  • Name: Kaseya Automation Team
  • Company: Kaseya
  • Website: http://www.kaseya.com
  • Contact Developer
  • Summary
  • Solarwinds Version Check
  • 42 Downloads
  • Version:
  • Initially Released December 29th, 2020
  • Reviews

    Solarwinds Version Check has no reviews.

    Discussion
    Gravatar for John Nuttall
    John Nuttall 3 months ago

    If you get an error in Line 7, please make sure that you have created the custom fields.

    1. go to the Audit tab -> System Info page

    2. Click the "New Custom Field" and create a String field called "SolarwindsDLLStatus". Repeat this for a field called "SolarWindsDLLHash"

    You can pick different names for these fields if you like - you just need to make sure that you edit the procedure to update the fields that you created - the custom fields are updated by name, so a change to the field name does require that the name be exactly the same for the procedure to update them.