[aklug] "Badlock" SMB bug coming April 12

From: Royce Williams <royce@tycho.org>
Date: Tue Mar 22 2016 - 11:13:49 AKDT



- Pretty unusual to have this much lead time.

- Probably involved circumvention of controls (think: "Everyone" group able
to read sensitive stuff in any share)

- Probably a deep architectural flaw (or a conceptually understandable
implementation bug that both Microsoft and Samba teams made independently)

- Workarounds unlikely.

- Hackers and InfoSec folks are all over this, so anticipate risks with
zero day exploits prior to April 12.


To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Mar 22 09:32:00 2016

This archive was generated by hypermail 2.1.8 : Tue Mar 22 2016 - 09:32:01 AKDT