London Security sent out some emails about this last week, but it is important to acknowledge this threat is still out there, and provide something of a summary of various vendors answers to these problems. We have following various security providers responses, and have summarized each here for you. If there are additional questions, feel free to reach out to London Security Engineers - we would be happy to assist!
Trend talks about the issue and provides a tool to assist, a vulnerability tester for the issue. They additionally recommend following the Apache Upgrade guidelines, and checking Apache logs for the potential indicators of compromise. They DO NOT seem to have a specific product patch for this issue as of December 16th.
Their statement is simple, though they go over the threat in some detail.
"SentinelOne’s infrastructure, applications, products, and services aren’t vulnerable to the exploit. SentinelOne’s information technology, infrastructure, security, and cloud teams conducted a comprehensive assessment in accordance with our information security policies and procedures."
We at London Security are continuing to monitor this, and are looking at other solutions and how they respond accordingly.