A recent vulnerability was discovered in Microsoft's implementation of SMB3 which could allow for unauthorized remote execution of code. The vulnerability can be exploited through the manipulation of compressed data packets.
The Authentications Services SMB client is not vulnerable to exploitation through this method.
As this vulnerability is only found in SMB3 packets using compression, a workaround to avoid exposure to this issue is to disable SMB3 compression. If you choose to make this change Authentication Services is able to work with DC’s that have compression disabled.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center