back to article As you're scrambling to patch the scary ZeroLogon hole in Windows Server, don't forget Samba – it's also affected

Administrators running Samba as their domain controllers should update their installations as the open-source software suffers from the same ZeroLogon hole as Microsoft's Windows Server. An alert from the project has confirmed that its code, in certain configurations, is also vulnerable to the CVE-2020-1472 bug, which can be …

  1. Robert Grant Silver badge

    Last week, Uncle Sam's CISA took the rare step of issuing a hard deadline for federal organizations to patch their systems against the flaw, notifying IT bods they had until the end of September 21 to make sure their domain controllers were up-to-date.

    Excellent.

  2. sitta_europea Bronze badge

    I've been sayin' it....

  3. Anonymous Coward
    Anonymous Coward

    couldn't come at a better time: the business prevention department have just decided test systems need centralised login control, without any warning, or time to inform teams, or rewrite automation, so its down tools until... where do I find that exploit.

  4. Anonymous Coward
    Anonymous Coward

    Not supported by my servers

    I see that it doesn't affect me because

    1) My servers don't implement the vulnerable encryption -- only the old (no longer supported) encryption.

    and

    2) Even it they did, it's mitigated by the fact that my servers refuse machine-password changes anyway. I decided years ago that machine-password changes were a defence-in-depth security feature I did not need, and an attack surface I did no want.

  5. Version 1.0 Silver badge
    Happy

    Quick Fix

    The risk can be reduced by disconnecting all Windows Servers from the internet - this solves a lot of problems.

    1. This post has been deleted by its author

      1. Anonymous Coward
        Anonymous Coward

        Re: Quick Fix

        Yes, but if there were no windows machines, we wouldn't need Samba. We could use NFS instead.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021