The "Badlock" vulnerability

The details for the "Badlock" vulnerability in the SMBDCE-RPC protocol have finally been disclosed, along with theobligatory logo and domain name; there is no word on the availability ofhats and T-shirts yet. It is a man-in-the-middle attack that can allow anattacker to access files in an SMB share, or gain access to Active Directoryadministrative tools, with the permissions of theintercepted user. "Please update your systems. We are pretty sure that there will be exploits soon.Engineers at Microsoft and the Samba Team worked together during the past months to get this problem fixed."