Badlock Bug Poses Serious Security Risks


April 14, 2016

April 12, 2016 marks the day that the Badlock bug is slated to be released within the Windows and Samba infrastructures. While businesses should be aware of this event, it is expected that this day will also mark the time period when a patch also will be released. Both the Samba and Windows teams have been working together diligently to devise a patch for the potentially devastating Badlock bug. It’s vital that you are aware of this information if you are a business that uses either the Samba or Windows infrastructure since you’ll need the patch to prevent its exploitation.

Badlock Virus

The Details

Brace yourselves ‒ patches guarding against the Badlock bug are scheduled to be released at 17:00 UTC. This time is significant because it also marks the time of Microsoft Patch Tuesday. Only the latest Samba versions are going to be supported by this patch. These supported versions include Samba 4.2, 4.3 and 4.4. Support for Samba 4.1 is no longer offered with owners of that version strongly encouraged to upgrade to the latest Samba release of 4.4, which came online on March 22. Upgrading before using the patch saves time, because the system will already be primed and receptive before the bug’s release. It is important to note if you don’t upgrade to a more recent version of Samba, or you are unable to do so in time for the release of the patch, some vendors may provide back support for Samba 4.1 and the patch. This is not to say, though, that your systems will have a smooth and flawless transition.

How to Protect Your Samba System

When the patch for Badlock bug is released, a CVE will also be assigned at the same time. It is crucial to the stability and viability of any Samba infrastructure your business uses, however, that you are ready to patch those systems as quickly as possible. You should also have applicable sysadmin resources standing by in the event that the unthinkable happens. The Samba team expects exploits that pinpoint possible routes of attacks, and their vectors will begin unabated once the Badlock bug patch is released.

Why Badlock?

In this information-saturated world, it can be difficult to gain the attention of those important players in the IT game. Giving bugs a snappy and memorable name ‒ as well as a logo ‒ helps focus attention on a potentially devastating problem. Awareness and brevity are the primary reasons for giving bugs this treatment.

We're Integris. We're always working to empower people through technology.

Keep reading

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

Managed IT Services St. Paul: 5 Powerful Advantages for Businesses

As a business owner, it's important to make the most of your resources. This includes finding cost-effective solutions for managing and maintaining your company's technology. Keeping a competitive edge in your industry requires secure, modern tech that allows your...

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

IT Support Minneapolis: Where to Find Top IT Services in Minneapolis

If you’re wondering where to find top IT services in Minneapolis, it’s important to identify providers that offer a wide range of support, have great service and provide solid tech expertise. Comprehensive technology insight is especially important when it comes to IT...

Webinar: Email Security that Doesn’t Suck…

Webinar: Email Security that Doesn’t Suck…

Trustifi and Security 7 present Email Security That Doesn’t Suck.  In today’s age of over-complicated security tools, it is extremely difficult to manage the fine balance between security and productivity.   {% video_player "embed_player" overrideable=False,...