Please contact your support team if you have a question or need assistance for any Rackspace products, services, or articles.
On April 12, 2016, Rackspace received official notice of the SMB Badlock vulnerability (CVE-2016-2118 and CVE-2016-0128). Badlock affects both Windows and Samba, an open source protocol that simplifies the use of Active Directory in mixed Linux and Windows environments.
Microsoft rates this vulnerability as "important" and recommends users update their systems at the earliest opportunity. As a safeguard, Rackspace will send the patches during your normal patching schedule. Customers not currently enrolled in automatic patching can contact their support team to enroll. Customers running Windows 2003 will not receive patches for this vulnerability unless they have purchased extended licensing from Microsoft.
To patch your environments manually or ahead of schedule, please use the links included below for generic patching instructions and vulnerability-specific information:
Generic Windows Patching Instructions: https://community.rackspace.com/general/f/34/t/7164Generic Linux Patching Instructions: https://community.rackspace.com/general/f/34/t/7165MS patch: https://technet.microsoft.com/library/security/ms16-047RHEL: https://access.redhat.com/security/vulnerabilities/badlockCentOS: TBDUbuntu: http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2118.htmlDebian: https://security-tracker.debian.org/tracker/CVE-2016-2118
As we receive patch information from manufacturers, we will update this post. Please note: for Windows Servers, a server reboot is required to activate these patches. A reboot is not necessary on Linux servers.
To remain updated on this issue, please subscribe to this community post.
CentOS patches are now available as well. Here are the relevant posts on the centos-announce mailing list: