BADLOCK: SMB/DCERPC MITM enabling Active Directory database access. Apply April 2016 patches. Enforce SMB signing across all endpoints to prevent MITM. Monitor for unusual SAMR/LSAD protocol activity in your SIEM.
The SAM and LSAD protocol implementations in Microsoft Windows Vista SP2, 7 SP1, 8.1/RT 8.1, Server 2008 SP2/R2 SP1, 2012 Gold/R2 allow man-in-the-middle attackers to impersonate an authenticated user (BADLOCK).
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →