Microsoft identified a new zero-day vulnerability (tracked as CVE-2021-35211) impacting SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP products – this vulnerability is not related to SUNBURST. The Serv-U vulnerability enables remote code execution (RCE) with privileges following successful exploitation. While exploitation appears very limited, SolarWinds issued a hotfix to resolve the issue and recommends customers install the update immediately. The SolarWinds Security Advisory Summary includes explicit steps to determine if your environment has been compromised. Read more at BleepingComputer.