Badlock was discovered by the Open Source Samba community and apparently underpins both Samba and Windows Server Message Block (SMB). The malware is significant, because it potentially allows privileged access to Windows and Samba resources through a flaw in the SMB protocol. Steve Donald, CTO at Hexis Commented below.
Steve Donald, CTO at Hexis Cyber Solutions:
“Its commendable that Microsoft and the Samba community got on top of the bug as soon as it was discovered, a positive benefit for the wider user community. However, one issue that needs investigation is whether or not the bug has been embedded into any of the popular network attached storage (NAS) devices that support Samba and whether manufacturers of these devices are issuing firmware patches also.
“Small, embedded NAS appliances are increasingly popular in SMB environments, as well as SoHo workspaces. It means that if the Badlock bug forms part of the Samba implementations within the proprietary operating systems used by these devices, potentially millions of storage repositories could be at risk. It’s important that these manufacturers exhibit the same due diligence towards software patching that Microsoft and the Windows Server community maintains.
“Software updates are a growing issue in relation to the Internet of Things. While Windows and MacOS benefit from frequent patches, embedded firmware devices often do not.”