Log4J: Microsoft discovers attackers targeting undisclosed SolarWinds vulnerability

Microsoft researchers uncovered a new vulnerability in SolarWinds’ Serv-U software, allowing attackers to build an unsanitized LDAP query. SolarWinds acknowledged and swiftly fixed the issue, though some experts expressed renewed concern following the company’s previous major breach. Microsoft urged customers to apply security updates, assuring that its tools can detect and rectify such vulnerabilities. The discovery and immediate response attests to the need for continuous software vulnerability research and cooperation.