Badlock Bug Poses Serious Security Risks


April 14, 2016

April 12, 2016 marks the day that the Badlock bug is slated to be released within the Windows and Samba infrastructures. While businesses should be aware of this event, it is expected that this day will also mark the time period when a patch also will be released. Both the Samba and Windows teams have been working together diligently to devise a patch for the potentially devastating Badlock bug. It’s vital that you are aware of this information if you are a business that uses either the Samba or Windows infrastructure since you’ll need the patch to prevent its exploitation.

Badlock Virus

The Details

Brace yourselves ‒ patches guarding against the Badlock bug are scheduled to be released at 17:00 UTC. This time is significant because it also marks the time of Microsoft Patch Tuesday. Only the latest Samba versions are going to be supported by this patch. These supported versions include Samba 4.2, 4.3 and 4.4. Support for Samba 4.1 is no longer offered with owners of that version strongly encouraged to upgrade to the latest Samba release of 4.4, which came online on March 22. Upgrading before using the patch saves time, because the system will already be primed and receptive before the bug’s release. It is important to note if you don’t upgrade to a more recent version of Samba, or you are unable to do so in time for the release of the patch, some vendors may provide back support for Samba 4.1 and the patch. This is not to say, though, that your systems will have a smooth and flawless transition.

How to Protect Your Samba System

When the patch for Badlock bug is released, a CVE will also be assigned at the same time. It is crucial to the stability and viability of any Samba infrastructure your business uses, however, that you are ready to patch those systems as quickly as possible. You should also have applicable sysadmin resources standing by in the event that the unthinkable happens. The Samba team expects exploits that pinpoint possible routes of attacks, and their vectors will begin unabated once the Badlock bug patch is released.

Why Badlock?

In this information-saturated world, it can be difficult to gain the attention of those important players in the IT game. Giving bugs a snappy and memorable name ‒ as well as a logo ‒ helps focus attention on a potentially devastating problem. Awareness and brevity are the primary reasons for giving bugs this treatment.

We're Integris. We're always working to empower people through technology.

Keep reading

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...

7 Signs Your Denver Business Needs a Tech Update

Regardless of size or industry, technology is an essential part of every Denver business. That being said, technological improvements and advancements can develop quite quickly, leaving some businesses scrambling to keep up. While many businesses cite expenses in the...

Cybersecurity best practices for Boston Businesses

Securing your businesses sensitive data, networks, and devices is non-negotiable in the technologically-driven world we live in. Whether you are a small business or or corporation in Boston, it is imperative that you prioritize cybersecurity. It is no longer enough to...