Badlock – WindowsTechs.com

Cisco, Netgear Readying Patches for Samba Vulnerability

Posted on May 31, 2017 by Chris Brook

Cisco is prepping fixes for two of its products affected by last week’s Samba vulnerability. Netgear has also pushed out a fix for NAS devices that were affected. Continue reading Cisco, Netgear Readying Patches for Samba Vulnerability→

Heartbleed, ImageTragick, Badlock – Are we facing a named vulnerability backlash?

Posted on May 4, 2016 by Maria Varmazis

Does it help to give a vulnerability a slick-sounding name and fancy logo? Or is it giving us “glamour vulnerability fatigue”? Continue reading Heartbleed, ImageTragick, Badlock – Are we facing a named vulnerability backlash?→

BADLOCK – Are ‘Branded’ Exploits Going Too Far?

Posted on April 14, 2016 by Darknet

So there’s been hype about this big exploit coming, for over a month, before anything was released. It had a name, a website and a logo – and it was called Badlock. And now it’s out, and it’s more like Sadlock – really a local network DoS against DCE/RPC services on Windows and Linux with […]

The post BADLOCK – Are…

Read the full post at darknet.org.uk

Continue reading BADLOCK – Are ‘Branded’ Exploits Going Too Far?→

‘Badlock’ Bug Tops Microsoft Patch Batch

Posted on April 13, 2016 by BrianKrebs

Microsoft released fixes on Tuesday to plug critical security holes in Windows and other software. The company issued 13 patches to tackle dozens of vulnerabilities, including a much-hyped “Badlock” file-sharing bug that appears ripe for exploitation. Also, Adobe updated its Flash Player release to address at least two-dozen flaws — in addition to the zero-day vulnerability Adobe patched last week. Continue reading ‘Badlock’ Bug Tops Microsoft Patch Batch→

Microsoft patches Badlock, but doesn’t call it critical

Posted on April 13, 2016 by Help Net Security

Microsoft just released several security bulletins, with six marked as critical and seven categorized as important. The biggest surprise (or disguise) came in the patch marked only as important titled “Security Update for SAM and LSAD Remote Protocols” – this refers to the vulnerability more commonly known as Badlock. As it turns out Badlock was not directly part of an exploit in Server Message Block (SMB) as original anticipated but rather part of Microsoft authentication … More → Continue reading Microsoft patches Badlock, but doesn’t call it critical→

Yes, Badlock bug was shamelessly hyped, but the threat is real

Posted on April 12, 2016 by Dan Goodin

Code in just about every version of Windows and Linux exposes keys to kingdom. Continue reading Yes, Badlock bug was shamelessly hyped, but the threat is real→

Badlock revealed – probably not as bad as you thought

Posted on April 12, 2016 by Paul Ducklin

Stand down from red alert! “Badlock”, a security hole announced in the most publicly secret way in March 2016, has now been patched. Continue reading Badlock revealed – probably not as bad as you thought→

Badlock Vulnerability Falls Flat Against Its Hype

Posted on April 12, 2016 by Michael Mimoso

The much anticipated Badlock vulnerability wasn’t in the SMB protocol after all, but in SAM and LSAD and exposed Windows machines to privilege escalation. Continue reading Badlock Vulnerability Falls Flat Against Its Hype→

Badlock Vulnerability Clues Few and Far Between

Posted on March 28, 2016 by Michael Mimoso

Admins have to hold their breath for two more weeks on the Badlock vulnerability. Which will come first: the patch, or a public exploit? Continue reading Badlock Vulnerability Clues Few and Far Between→

Threatpost News Wrap, March 25, 2016

Posted on March 25, 2016 by Chris Brook

Mike Mimoso and Chris Brook recap the week in news, including how the FBI vacated Tuesday’s Apple hearing, a crypto iMessage bug that was patched, and the latest hospital to be hit by the ransomware Locky. The two also preview Badlock and what implicat… Continue reading Threatpost News Wrap, March 25, 2016→