"In a nutshell, Badlock refers to a defect in a security component contained in just about every version of the Windows and Linux operating systems. Known as the Distributed Computing Environment/Remote Procedure Call (DCE/RPC), it's used by administrators around the world to access the most valuable asset on any Windows network—the Active Directory, which acts as a network's digital security guard, allowing, for instance, an organization's CFO to log in to an accounting server, while locking out the janitor or the groundskeeper. Because Active Directories enforce security policies and contain password data and other crucial credentials, they are almost always the first asset hackers access once they gain a limited foothold into a targeted network." "An Active Directory infrastructure with a Samba server as a domain member is vulnerable to this flaw," an advisory published Tuesday by Linux distributor Red Hat warned. "A man-in-the-middle attacker could intercept DCE/RPC traffic between the domain member and the domain controller to impersonate the client and get the same privileges as the authenticated user account. The attacker could view or modify secrets within an AD database, including user password hashes, or shutdown critical services." -- source: http://arstechnica.com/security/2016/04/yes-badlock-bug-was-shamelessly-hype... Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/