broken lock (By Sergey Nivens/

US-CERT urges fast patch to Samba vulnerability

Barely a week after the WannaCry ransomware infected hundreds of thousands of systems around the globe, the Department of Homeland Security announced yet another flaw that exploits the Windows server message block and could open the door to mass attacks.

The new flaw is in Samba, an open source software suite that provides Windows-based file and print services for Unix and Linux systems. 

"A remote attacker could exploit this vulnerability to take control of an affected system," the DHS's US Computer Emergency Readiness Team warned in a May 24 notice. "US-CERT encourages users and administrators to apply the necessary updates, or refer to their Linux or Unix-based OS vendors for appropriate patches."

Samba's security announcement provides both a patch for newer versions and a configuration workaround for older, unsupported versions. The organization noted that "all versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it."

Rebekah Brown of the cybersecurity company Rapid7 told Reuters there were no immediate signs of the vulnerability being exploited, but she said it had taken researchers only 15 minutes to develop malware that could do so.

The flaw reportedly can be executed with just one line of code. Version 3.5.0 of the Samba software was released more than seven years ago.

About the Author

Troy K. Schneider is editor-in-chief of FCW and GCN, as well as General Manager of Public Sector 360.

Prior to joining 1105 Media in 2012, Schneider was the New America Foundation’s Director of Media & Technology, and before that was Managing Director for Electronic Publishing at the Atlantic Media Company. The founding editor of, Schneider also helped launch the political site in the mid-1990s, and worked on the earliest online efforts of the Los Angeles Times and Newsday. He began his career in print journalism, and has written for a wide range of publications, including The New York Times,, Slate, Politico, National Journal, Governing, and many of the other titles listed above.

Schneider is a graduate of Indiana University, where his emphases were journalism, business and religious studies.

Click here for previous articles by Schneider, or connect with him on Twitter: @troyschneider.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected