[cifs-protocol] Anonymous access to lsarpc changes (LSA Spoofing): Can I please get any doc updates for https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26925

Andrew Bartlett abartlet at samba.org
Tue May 10 21:42:53 UTC 2022

Kia Ora Dochelp,

Can you please point me at the protocol Doc updates for CVE-2022-26925
please, as no errata is showing at 
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-winprotlp/8a9c667b-2825-46a8-8066-a80681233c33 and I believe it is important for Samba to be able to mitigate
this issue also.

I have long wanted to lock down anonymous access to Samba's RPC
services and I think this might allow us to do so in a way that matches
windows, so details of the protocol visible changes would be most


Andrew Bartlett
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source

More information about the cifs-protocol mailing list