Cybersecurity and Infrastructure Security Agency issues emergency directive to update SolarWinds software. CISA: All federal organizations with a vulnerable version of the solarWinds platform must update to version 2020.2.1.1HF2 by Dec. 31. Multiple federal agencies were compromised, including the Commerce and Treasury departments. Microsoft updates Solorigate investigation finds no evidence of access to production services or customer data nor any indication that its systems were used to attack others. The attack’s impact goes well beyond the federal government to include state and local agencies, critical infrastructure and private organizations.”]
Source: https://www.cuinfosecurity.com/cisa-releases-new-guidance-on-solarwinds-patch-a-15684