Design weakness on SolarWinds Patch Manager found April, 2019. The flaw is that when Notepad++ and 7-Zip do not requiure trust sign verification. Fundamentally, 7-Zip has never signed their packages. Meanwhile the certificate to sign Notepad++ is expired at that time. SolarWinds asks customers with any of the below products listed as known affected for Orion Platform v2019.4 HF 5 to update to Orion Platform 2019.4 HF 6, which is available at https://customerportal.solarwinds.com/
Quick verification – CHECK FILES AND HASHES:
The presence of any of the following files indicates that a trojanized version of SolarWinds is installed.
1.File Name: SolarWinds.Orion.Core.BusinessLayer.dll, File Hash (MD5): b91ce2fa41029f6955bff20079468448
2.File Path and Name: C:[\]WINDOWS[\]SysWOW64[\]netsetupsvc.dll