As you're scrambling to patch the scary ZeroLogon hole in Windows Server, don't forget Samba – it's also affected

Administrators running Samba as their domain controllers should update their installations as the open-source software suffers from the same ZeroLogon hole as Microsoft's Windows Server.
We're told Samba running as an Active Directory or classic NT4-style domain controller is at risk, and although file-server-only installations are not directly affected, "They may need configuration changes to continue to talk to domain controllers."
"File servers and domain members do not run the netlogon service in supported Samba versions and only need to ensure that they have not set 'client schannel = no' for continued operation against secured DCs such as Samba 4.8 and later and Windows DCs in 2021," Bartlett and Bagnall added.
"Users running Samba as a file server should still patch to ensure the server-side mitigations do not very rarely impact service."
The hole is addressed in Samba 4.10.18, 4.11.13, and 4.12.7.
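
A check for the two points above, added here as an example and not taken from the article or the Samba project: it classifies a Samba version string against the three fixed releases named and flags any 'client schannel = no' line in smb.conf text. The function names, the status labels and the sample configuration are assumptions made for illustration.

```python
import re

# Fixed releases named in the article, keyed by release series.
FIXED = {(4, 10): 18, (4, 11): 13, (4, 12): 7}
FALSE_VALUES = {"no", "false", "off", "0"}  # smb.conf spellings of boolean "no"


def version_status(version):
    """Classify a Samba version string against the fixed releases above."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        return "unparsed"
    major, minor, patch = map(int, m.groups())
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None:
        return "series-not-listed"  # the article names no fixed release for it
    return "patched" if patch >= fixed_patch else "needs-update"


def schannel_disabled(conf_text):
    """Return (line_no, section) for every active 'client schannel = no'."""
    hits, section = [], None
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":  # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        name, sep, value = line.partition("=")
        # smb.conf ignores case and whitespace in parameter names.
        key = re.sub(r"\s+", "", name).lower()
        if sep and key == "clientschannel" and value.strip().lower() in FALSE_VALUES:
            hits.append((no, section))
    return hits


# Constructed sample input, not taken from any real host.
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   ; client schannel = no   (commented out, ignored)
   Client  Schannel = No
[share]
   path = /srv/share
"""

if __name__ == "__main__":
    print(version_status("Version 4.11.12"), schannel_disabled(SAMPLE_CONF))
```

Distribution packages can backport a fix without changing the upstream version number, so a "needs-update" result should be confirmed against the vendor's own advisory.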
News URL
https://go.theregister.com/feed/www.theregister.com/2020/09/22/samba_zerologon_patch/