MSP Blog Logo

Cyber Security

Business Growth

Sales and Marketing

IT Services


Empowering Your MSP Business to Grow and Prosper—One Post at a Time


Featured Post

The Ultimate Guide to Success in Managed IT Services

What are the fundamentals to building a profitable managed IT services business? Keep reading to discover the four key ingredients for success.

Read Now

Badlock/Bad Luck - What MSPs Can Do Before April 12th Patches

Posted April 6, 2016by Mary McCoy

April 12th. Memorize that date like it's your mother's birthday. April 12th. 

In case you haven't heard, a security vulnerability called Badlock was recently discovered in Windows and Samba. While the nature of the bug has not yet been revealed, patches along with details of the flaw will be released next week, on April 12th. Ever since news of the vulnerability broke in March, hackers have been salivating at the mouth, ready to pounce. Indeed, some may have already discovered the bug. Since attackers will be eagerly awaiting the disclosure, once patches are released next week, Windows and Samba users must immediately patch their systems to prevent exploitation. This should serve as a warning to all MSPs to act now, and get your house in order. 

Badlock Bug Background (Details TBD)

"Please get yourself ready to patch all systems on this day. We are pretty sure that there will be exploits soon after we publish all relevant information."

This warning comes straight from the official Badlock website and speaks to the growing anticipation within the cybercrime community. Although we don't know where the Badlock bug lives, InfoWorld is attempting to connect dots by sharing hints given by SerNet, the Samba consulting company responsible for the Badlock website. Since Badlock implicates Windows and Samba users, it is likely that it "has something to do with the SMB protocol, used to read and write files over the local network, or Common Internet File System (CIFS), the SMB implementation used in Windows." As a result, it may be reasonable to expect that any software using SMB will be impacted. Johannes Loxen, SerNet's CEO, even spread speculation that with Badlock, attackers could obtain administrative access to local networks because the vulnerability would mean "admin accounts for everyone on the same LAN." Again, nothing is certain, but even contemplating the implications of such an uncertainty should light a fire underneath you. Managing Badlock has to be Priority 1. 

How MSPs Can Prepare

"Thinking will not overcome fear but action will." ~W. Clement Stone~

You may be thinking that you don't have to worry about Badlock until April 12th since you don't know what it is you're dealing with. Ever since Stefan Metzmacher, a member of the international Samba Core Team, discovered and reported the bug, there's been a lot of hype around Badlock and what it means for users. Some even question the point of announcing the presence of a vulnerability weeks before MSPs and IT service providers can correct it. Still, all MSPs should take advantage of this 20-day advanced notice. Complete any other projects and tasks beforehand so you can devote April 12th to test and deploy patches. Additionally, make sure you'll have the sysadmin resources required to successfully apply the patches. As far as which patches will be available, the Badlock website lists >Samba 4.4, Samba 4.3 and Samba 4.2. It is also important to note that all Windows machines are expected to be impacted. 


If you're a Continuum partner...

We understand the matter is time-sensitive and that in order to prevent exploits, our partners need to patch ASAP. In response, we'll be whitelisting this patch immediately upon its release so that it is available to you. Please see this thread in Collaborate, our private online partner community, for more information.

For more information and updates, be sure to check out the official Badlock website. In the meantime if you have not already, set a reminder or circle April 12th as the day the mystery of Badlock is unlocked. Then, prepare your team to act fast so as not to give hackers the keys to your clients' Windows kingdoms.


See also:

Meet Mary! Mary McCoy is a Senior Demand Generation Programs Manager at Continuum, where she's worked for over two years. Mary has consulted with hundreds of partners, lending website, blog and social media support. Before that, she graduated from the University of Virginia (Wahoowa!) with a BA in Economics and served as digital marketing intern for Citi Performing Arts Center (Citi Center), spearheading the nonprofit’s #GivingTuesday social media campaign. Like her school’s founder, Thomas Jefferson, Mary believes learning never ends. She considers herself a passionate, lifelong student of content creation and inbound marketing.

RMM 101: Must-Haves for Your IT Management Solution
MSP Guide to Managed Services SLAs  [white paper]
comments powered by Disqus