Thank you for visiting the Rackspace Community
The The Community is live! Post new content or topics so our teams can assist.

Please contact your support team if you have a question or need assistance for any Rackspace products, services, or articles.

IMPORTANT NOTICE: SMB Badlock Vulnerability (CVE-2016-2118 and CVE-2016-0128)

On April 12, 2016, Rackspace received official notice of the SMB Badlock vulnerability (CVE-2016-2118 and CVE-2016-0128). Badlock affects both Windows and Samba, an open source protocol that simplifies the use of Active Directory in mixed Linux and Windows environments.

Microsoft rates this vulnerability as "important" and recommends users update their systems at the earliest opportunity. As a safeguard, Rackspace will send the patches during your normal patching schedule. Customers not currently enrolled in automatic patching can contact their support team to enroll. Customers running Windows 2003 will not receive patches for this vulnerability unless they have purchased extended licensing from Microsoft.

To patch your environments manually or ahead of schedule, please use the links included below for generic patching instructions and vulnerability-specific information:

Generic Windows Patching Instructions: https://community.rackspace.com/general/f/34/t/7164
Generic Linux Patching Instructions: https://community.rackspace.com/general/f/34/t/7165
MS patch: https://technet.microsoft.com/library/security/ms16-047
RHEL: https://access.redhat.com/security/vulnerabilities/badlock
CentOS: TBD
Ubuntu: http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2118.html
Debian: https://security-tracker.debian.org/tracker/CVE-2016-2118

As we receive patch information from manufacturers, we will update this post. Please note: for Windows Servers, a server reboot is required to activate these patches. A reboot is not necessary on Linux servers.

To remain updated on this issue, please subscribe to this community post.