Posted by: kurtsh | April 11, 2016

NEWS: Badlock SMB vulnerability to be released on April 12th

imageUPDATE 4/12/16: Today, Microsoft released a critical patch to address the vulnerability identified as “Badlock”.  The patch is part of a larger critical cumulative update package. (3147458)

The individual patch (3148527) itself is documented here:

———————-
ORIGINAL POST:

imageBadlock is a vulnerability to be released April 12 that attacks a weakness in the SMB/CIFS networking protocol.

While the vulnerability seems to be directed towards Microsoft and Samba, it also appears to impact major cloud file sharing providers and other operating systems distributions.

There’s a web site with very few details about the threat at http://badlock.org/.

Here’s a few articles about the topic:

(Thanks to coworker & Account Technology Strategist, Peter Renner, for bringing this to my attention)


Categories

%d bloggers like this: