SimplerCloud Pte Ltd


News: Security Advisory: Windows SAM and LSAD Downgrade Vulnerability (Badlock)

Published: 15/04/2016

This advisory is provided as a courtesy.

We would like to bring to your attention a newly discovered vulnerability in Microsoft Windows, which allows elevation of privilege if an attacker launches a man-in-the-middle (MITM) attack. An attacker could then force a downgrade of the authentication level of the SAM and LSAD channels and impersonate an authenticated user.


This vulnerability mainly affects the Samba protocol and is also known as Badlock. It affects almost all versions of Windows, including Windows Server 2008 R2 and Windows Server 2012 R2. If you are running a vulnerable OS, we strongly recommend that you run Windows Update to install the latest patches for your operating system and fix the vulnerability on your servelet. The security bug has been assigned the ID CVE-2016-0128.


Impact


Affected servers can be impacted in two ways. The first is a MITM (man-in-the-middle) attack, which can be performed against a variety of protocols used by Samba. Such an attack would permit execution of arbitrary Samba network calls in the context of the intercepted user. The second is a DoS (denial-of-service) attack by an attacker with remote network connectivity to the Samba service.


Affected Server


Operating systems affected by this vulnerability include, but are not limited to:


- Microsoft Windows Server 2008 R2
- Microsoft Windows Server 2012 R2

How to Fix the Problem


You just need to run Windows Update to install the latest patches for your operating system, and restart your servelet afterwards for the new patches to take effect.


More information


Microsoft Security Bulletin MS16-047 - Important
Badlock Bug
CVE-2016-0128

Request Assistance


If needed, we can perform the patch installation for you at a one-time discounted fee of $10. Please submit your order at Order -> Additional Services -> Vulnerability Fix - LINUX & WINDOWS: Linux Kernel "Use-After-Free", GNU C Library and Poodle SSLV3 Vulnerability - $10.

Alternatively, please first open a support ticket and give us the hostname, IP address and OS template. You can find this information on your servelet's control panel.

For example:

Hostname: test-dd
IP Address: 103.25.202.81
OS Template: Windows Server 2012 R2

Thank you.

SimplerCloud Support Team