Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the Samba vulnerability discovered by Trend Micro. Also, read about the White House’s warning of Russian hacks as tensions with Ukraine grow.
The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It
An earlier version of an out-of-bounds (OOB) vulnerability in Samba was disclosed via Trend Micro Zero Day Initiative’s (ZDI) Pwn2Own Austin 2021. While we have not seen any active attacks exploiting this vulnerability, CVE-2021-44142 received a CVSS rating of 9.9 out of the three variants reported. If abused, this security gap can be used by remote attackers to execute arbitrary code as root on all affected installations that use the virtual file system (VFS) module vfs fruit.