Samba puts out new security update to address exploit that fueled WannaCry

Enlarge (credit: kelly sweeney)

On Wednesday, the Samba Team released new security updates to fix a vulnerability in “all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos,” according to an announcement from the United States-Computer Emergency Readiness Team (US-CERT).

The upgrade comes in response to an invasive piece of malware which virally spread ransomware known as “WannaCry,” “WCry,” or “WannaCrypt.” As Ars reported in May 2017, within hours of the attack, computer systems around the world were crippled, prompting hospitals to turn away patients while telecoms, banks, and companies such as FedEx were forced to turn off computers for the weekend.

Because of WannaCry, Microsoft took the rare step of issuing patches for three discontinued versions of Windows that hadn’t been updated in years. In a blog post released at the time, Microsoft believed that the ransomware worked due to a SMB protocol exploit.

Read 1 remaining paragraphs | Comments