Samba 4.24.3, 4.23.8, and 4.22.10 released
Samba has released immediate security updates for versions 4.24.3, 4.23.8, and 4.22.10 to patch six critical vulnerabilities that could compromise file servers and domain controllers. The most dangerous fixes target remote code execution flaws in the printing subsystem and SAMR interface, which previously allowed unauthenticated attackers to run arbitrary commands. Additional patches close a WINS server denial of service vulnerability, restore proper access controls on reparse points, block a WORM module bypass, and enforce secure certificate fetching over LDAP instead of plain HTTP.
Samba 4.24.3, 4.23.8, and 4.22.10 released @ Linux Compatible
Samba has released security updates for versions 4.24.3, 4.23.8, and 4.22.10 to address six critical vulnerabilities, including remote code execution flaws in the printing subsystem and SAMR interface, which could allow unauthorized command execution. The updates also fix a WINS server denial of service vulnerability, restore access controls on reparse points, and enforce secure certificate fetching over LDAP. System administrators are urged to apply these patches promptly to safeguard shared drives and Active Directory integrations against potential exploits. Proper procedures for applying the updates include verifying GnuPG signatures, stopping the Samba service during the update, and confirming the version post-installation to ensure a secure environment.
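The post-installation version check mentioned above, as an added example (not from the Samba project or the original article). The function names are hypothetical, the sample version lines are constructed, and it assumes `smbd --version` prints a line beginning with `Version `.

```shell
#!/bin/sh
# Added example: compare an installed Samba version with the fixed releases
# named in the announcement (4.24.3, 4.23.8, 4.22.10).
# Assumption: version numbers follow upstream. Distribution packages may
# backport fixes without changing the upstream number, so a "below" result
# on a packaged build still needs a look at the vendor advisory.

# Minimum fixed patch level for each release series in the announcement.
fixed_patch_for_series() {
    case "$1" in
        4.24) echo 3 ;;
        4.23) echo 8 ;;
        4.22) echo 10 ;;
        *)    return 1 ;;   # series not covered by this announcement
    esac
}

# Extract "MAJOR.MINOR.PATCH" from a line such as "Version 4.23.8-Debian".
parse_samba_version() {
    printf '%s\n' "$1" |
        sed -n 's/^Version \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Exit status: 0 = at or above the fixed release for its series,
# 1 = below it, 2 = unparseable or a series the announcement does not list.
samba_is_patched() {
    ver=$(parse_samba_version "$1")
    [ -n "$ver" ] || return 2
    series=${ver%.*}      # e.g. 4.22
    patch=${ver##*.}      # e.g. 10
    need=$(fixed_patch_for_series "$series") || return 2
    [ "$patch" -ge "$need" ]
}

# Constructed sample lines; on a real host pass "$(smbd --version)" instead.
for line in "Version 4.24.3" "Version 4.23.7" \
            "Version 4.22.10-Debian" "Version 4.21.9"; do
    rc=0
    samba_is_patched "$line" || rc=$?
    case $rc in
        0) echo "$line: fixed release or later" ;;
        1) echo "$line: older than the fixed release for its series" ;;
        2) echo "$line: series not listed, check manually" ;;
    esac
done
```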
