Is SecureAuth IdP Impacted by the Badlock Bug?

Issue

This article discusses the recently publicized Badlock Bug and its impact on SecureAuth IdP Appliances.

Applies to

SecureAuth IdP Version: 6.x+

OS Version:

  • Windows Server 2008
  • Windows Server 2008 R2
  • Windows Server 2012 R2

Impact to SecureAuth IdP Customers

The Badlock Bug impacts both the Open-Source SAMBA software and various versions of the Microsoft Windows family of products. The vulnerability for SAMBA is tracked under CVE-2016-2118 while the Windows vulnerability is tracked under Microsoft Security Bulletin MS16-047. The security vulnerabilities are primarily categorized as a man-in-the-middle attack (MITM) or denial-of-service (DoS) attack. SecureAuth IdP does not leverage the SAMBA OSS and as such is not vulnerable to the exploit detailed in CVE-2016-2118. As a Windows-based product, however, SecureAuth IdP is impacted by the vulnerability discussed in Microsoft Security Bulletin MS16-047.

Bulletin / Impacted

  • CVE-2016-2118: No
  • MS16-047: Yes

Recommendation

To protect the SecureAuth IdP environment from the Badlock Bug, SecureAuth Corporation recommends reviewing Microsoft Security Bulletin MS16-047 and applying this important update to all appliances at the earliest possible opportunity.