Critical Windows SMB security warning
In response to CVE-2022-38023, Microsoft is removing support for RPC Signing in the Netlogon server, instead requiring Sealing when establishing a 'secure channel'. More details can be found here: https://support.microsoft.com/en-us...22-38023-46ea3067-3989-4d40-963c-680fd9e8ee25 and here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023
Timeline
June, 13: signing remains possible but cannot disable sealing on Windows server
July, 11: sealing is enforced, no authentication without sealing
Action
Update at least every AD member device like Windows or AD members like OmniOS or SAMBA prior July 11 !!
For an Illumos/OmniOS OS/ZFS kernelbased SMB server as an AD member the sealing feature is under final approvement
forums.servethehome.com
Newest SAMBA supports sealing
In response to CVE-2022-38023, Microsoft is removing support for RPC Signing in the Netlogon server, instead requiring Sealing when establishing a 'secure channel'. More details can be found here: https://support.microsoft.com/en-us...22-38023-46ea3067-3989-4d40-963c-680fd9e8ee25 and here: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38023
Timeline
June, 13: signing remains possible but cannot disable sealing on Windows server
July, 11: sealing is enforced, no authentication without sealing
Action
Update at least every AD member device like Windows or AD members like OmniOS or SAMBA prior July 11 !!
For an Illumos/OmniOS OS/ZFS kernelbased SMB server as an AD member the sealing feature is under final approvement
OmniOS -- Netlogon RPC Sealing Support
Am I missing something? What is the status of support in OmniOS for Microsoft's requirement of RPC sealing coming July 11, 2023 (two months) already pushed back. It addresses CVE-2022-38023 & CVE-2023-28268. I continue to get NETLOGON 5838 warnings from OmniOS requests even with the latest...
forums.servethehome.com
Newest SAMBA supports sealing
Zuletzt bearbeitet:
