fbpx

News & Blog

Read the latest business news, blogs and thought leadership articles from our members, as well as updates on the Edinburgh Chamber of Commerce's work in the city.

News & Blog

Badlock: What we know so far

Posted: 7th April 2016

It seems like every vulnerability these days is given a branded makeover (see POODLE and Heartbleed) and Badlock is no different. Before the technical details have even been disclosed it already has its very own website and logo, but just what is Badlock? With the technical details scarce, Andrew Waite, Leading IT Security Consultant at Managed Services experts Onyx Group, takes a look at how concerned you should be, and the steps you can take today to help secure your systems.

What is Badlock?

As we have previously mentioned the technical details of Badlock are scarce as the vulnerability has only been pre-announced, however it is believed to be a critical vulnerability affecting Windows systems’ SMB stack, and Samba (an open source implementation of the SMB protocol)

Microsoft have already announced that there will be a patch to rectify this vulnerability which is due to be released on the 12th of April as part of their regular patch Tuesday schedule, and we recommend that this is applied as soon as possible.

Should I be concerned?

Yes and no. There is no way of telling just how dangerous this vulnerability could be with the limited amount of information that is available. Thankfully the flaw has been responsibly disclosed and at the time of writing, there is no public exploit code currently available so although systems may be technically vulnerable, they shouldn’t be at risk of immediate exploitation.

However, with the vulnerability gathering some serious media coverage, we expect the ‘dark side’ of the security world to be eagerly awaiting the 12th of April to begin reverse engineering the patch, revealing the nature of the vulnerability giving them chance to exploit machines running unpatched software.

What can be done in the meantime?

Whilst waiting for the patch to be released, we recommend that you begin a preliminary investigation to see if your systems are running the effected versions of SMB / Samba. This way, when the patch is made available, you are reducing the time it takes to deploy the fix and secure your systems.

We will continue to keep an eye on the situation and inform you of any developments, but in the meantime if you do have any concerns please get in touch with the security team on 0800 970 92 92  to speak to one of our expert consultants.

Business Comment

Business Comment is the Edinburgh Chamber of Commerce’s bi-monthly magazine. It provides insight on Edinburgh’s vibrant business community, with features on the city’s key sectors, interviews with leading figures and news on new business developments in the capital.
Read more here