Following the massive WannaCry event, the mantra among security folks is push patches to vulnerabilities as soon as they are released.
US-CERT issued a warning late last week that there is a newly discovered flaw, CVE-2017-7494, that exists in Samba, which can be exploited via mass attacks. Samba provides Windows-based file and print services for Unix and Linux systems.
According to US-CERT, “all versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to lead and execute it.” Basically, this means that if an intruder is successful in gaining access to a device, it can take over the device by acquiring root level access permissions.
Samba has released patches for versions 4.4 and newer, but it appears there are no patches for versions prior to 4.4. Samba recommends that “vendors and administrators running affected versions are advised to upgrade or apply the patch as soon as possible.”