Vuln hit “all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos.”
On Wednesday, the Samba TeamÂ releasedÂ new securityÂ updatesÂ to fixÂ a vulnerability in “all versions of Samba from 4.0.0 onward using embedded Heimdal Kerberos,”Â accordingÂ to an announcement from the United States-Computer Emergency Readiness Team (US-CERT).
The upgrade comes in response to an invasive piece of malware whichÂ virally spread ransomware known as “WannaCry,” “WCry,” or “WannaCrypt.”Â As Ars reported in May 2017, within hours of the attack, computer systems around the world were crippled, prompting hospitals to turn away patients while telecoms, banks, andÂ companies such as FedExÂ were forced to turn off computers for the weekend.
Because of WannaCry, Microsoft took the rare step of issuingÂ patchesÂ for three discontinued versions of Windows that hadnâ€™t been updated in years. In a blog post released at the time, Microsoft believed that the ransomware worked due to a Samba exploit.With the newly released update, Samba developersÂ noted: “Additionally, Samba 4.6.6, 4.5.12 and 4.4.15 have been issued as security releases to correct the defect. Samba vendors and administrators running affected versions linked against the embedded Heimdal Kerberos are advised to upgrade or apply the patch as soon as possible.”