- Cumulative update for Windows 10 Version 1511 and Windows Server 2016 Technical Preview 4: April 12, 2016
The individual patch (3148527) itself is documented here:
- Security Update for Microsoft Security Bulletin MS16-047 – Important
SAM and LSAD Remote Protocols (3148527)
While the vulnerability seems to be directed towards Microsoft and Samba, it also appears to impact major cloud file sharing providers and other operating systems distributions.
There’s a web site with very few details about the threat at http://badlock.org/.
Here’s a few articles about the topic:
- ZDNET: Badlock, another ‘major’ security bug that puts profits before patches
- SECURITYWEEK: Microsoft, Samba Preparing Patch for Severe "Badlock" Flaw
- THREATPOST: Badlock Vulnerability Clues Few and Far Between
- SEARCHSECURITY: Badlock flaw hits Samba, Windows and responsible disclosure
- WIRED: Hype Around The Mysterious ‘BadLock’ Bug Raises Criticism
- INFOWORLD: The Badlock bug: Start your patch prep today
(Thanks to coworker & Account Technology Strategist, Peter Renner, for bringing this to my attention)