Post Syndicated from LWN.net original http://lwn.net/Articles/683491/rss
The details for the “Badlock” vulnerability in the SMB protocol have finally been disclosed, along with the
obligatory logo and domain name; there is no word on the availability of
hats and T-shirts yet. It is a man-in-the-middle attack that can allow an
attacker to access files in an SMB share with the permissions of the
intercepted user. “Please update your systems. We are pretty sure that there will be exploits soon.
Engineers at Microsoft and the Samba Team worked together during the past months to get this problem fixed.”