617.938.6200
Badlock is the new security vulnerability bug of 2016. Badlock was discovered by Stefan Metzmacher, who is a renowned member of the international Samba Core Developer Team and works at SerNet on Samba. He reported the bug to Microsoft and has been working closely with them (Microsoft) to fix the problem.
Badlock falls into the same category as HeartBleed, which was announced in 2014 and came with a name, a logo and a website to help IT service providers and system administrators with updates and patches to guard against it.
This bug affects unknown versions of the Windows operating systems and Samba, a free open-source software that integrates with Linux and Unix servers.
On April 12, 2016 Microsoft and the Samba Team will disclose the severe bug which affects almost all versions of Microsoft Windows and Samba. As more information becomes available IT Service Providers and system administrators will be able to get more information at http://badlock.org. The website will be updated regularly and all IT service people should mark the release date.
Badlock, the new vulnerability is getting a lot of controversial attention due to the fundamental functions that are affected by the bug, and the fact that there will be no detailed information prior to the release of fixes on April 12, 2016.
There will be a 20 day pre-notification, which is meant to ensure that system administrators are able to apply the patch as soon as possible. The coordinated efforts of Microsoft and SerNet are meant to ensure a reasonable time to get the maximum number of systems repaired in a short time. SerNet believes the vulnerability will likely be exploited once its details become public.
