A critical security bug that impacts Windows and Samba server infrastructures has been found. Dubbed Badlock, details on the vulnerability are scarce but additional information and a patch will be released on April 12.
Image from Badlock.org
Samba is an open source network file system software that lets Linux and Unix communicate with Windows-based clients. The software is an important component for integrating Linux and Unix servers as well as desktops into Active Directory environments. It can also run on IBM System 390, Open VMS and other operating systems.
The vulnerability was found by a member of the Samba Core Team, Stefan Metzmacher, who also works for SerNet. The IT consulting firm has created a website to publicise Badlock, saying:
“Engineers at Microsoft and the Samba Team are working together to get this problem fixed. Patches will be released on April 12th
Admins and all of you responsible for Windows or Samba server infrastructure: Mark the date. (Again: It’s April 12th, 2016.)
Please get yourself ready to patch all systems on this day.
So for those who are responsible for Windows-Samba environments, be sure to check Badlock.org on April 12 for more information.