Wormable WannaCry Type Vulnerability for Linux & Unix with Samba

I know we have a lot of HardOCP readers that use Linux systems at home, and if you use the Samba networking utility, now is the time to pay attention.

A newly found flaw in widely used networking software leaves tens of thousands of computers potentially vulnerable to an attack similar to that caused by WannaCry, which infected more than 300,000 computers worldwide, cybersecurity researchers said on Thursday.

If you have not patched up very recently, you should do so now. Reuters is pointing out that most folks running the Samba software are home users, and very likely using older versions of the software that can NOT be patched. And according to this Twitter post, there is not a whole lot to getting the exploit running, so be careful with your traffic.

Samba is aware of this and has issued this warning, CVE-2017-7494:

A patch addressing this defect has been posted to

http://www.samba.org/samba/security/

Additionally, Samba 4.6.4, 4.5.10 and 4.4.14 have been issued as
security releases to correct the defect. Patches against older Samba
versions are available at http://samba.org/samba/patches/. Samba
vendors and administrators running affected versions are advised to
upgrade or apply the patch as soon as possible.

==========
Workaround
==========

Add the parameter:

nt pipe support = no

to the [global] section of your smb.conf and restart smbd. This
prevents clients from accessing any named pipe endpoints. Note this
can disable some expected functionality for Windows clients.
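
The advisory's two checks, written here as an added example (not code from Samba or from the original post): is a given version string one of the named security releases, and is the workaround actually in effect in a given smb.conf. The function names and the sample configuration are constructed for illustration; the boolean spellings and the case/whitespace-insensitive parameter name matching are assumptions about Samba's parser, and `include` directives are not followed.

```python
import re

# Security releases named in the advisory: branch -> first fixed patch level.
FIXED = {(4, 6): 4, (4, 5): 10, (4, 4): 14}
FALSE_WORDS = {"no", "false", "0", "off"}  # assumed Samba boolean spellings

# Constructed sample smb.conf with the workaround in place.
SAMPLE_CONF = """\
[global]
   workgroup = HOME
   ; workaround from the advisory
   nt pipe support = no

[media]
   path = /srv/media
"""

def is_fixed_release(version):
    """True only for a named security release or a later one on that branch.
    Any other branch returns False (conservative): it needs the patch or a
    vendor backport, which a version string cannot prove."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", version)
    if not m:
        raise ValueError(f"no version number in {version!r}")
    major, minor, patch = map(int, m.groups())
    floor = FIXED.get((major, minor))
    return floor is not None and patch >= floor

def pipes_disabled(conf_text):
    """True if the last 'nt pipe support' setting in [global] is off."""
    section, disabled = None, False  # parameter defaults to yes when absent
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        name, sep, value = line.partition("=")
        key = "".join(name.split()).lower()  # names ignore case and spaces
        if sep and section == "global" and key == "ntpipesupport":
            disabled = value.strip().lower() in FALSE_WORDS
    return disabled

def assess(version, conf_text):
    if is_fixed_release(version):
        return "fixed-release"
    return "workaround" if pipes_disabled(conf_text) else "action-needed"
```

Feed `assess` the output of `smbd --version` and the contents of your smb.conf; an "action-needed" result on a distribution package may still be a vendor-patched build, so confirm against the vendor's advisory.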

Thanks to Monkey34 for the heads up.

Source: [H]ardOCP – Wormable WannaCry Type Vulnerability for Linux & Unix with Samba