[1]BADLOCK - Are 'Branded' Exploits Going Too Far?: So there's been hype about this big exploit coming, for over a month, before anything was released. It had a name, [2]a website and a logo - and it was called Badlock. And now it's out, and it's more like Sadlock - really a local network DoS against DCE/RPC services on Windows and Linux with some slight chance of pulling off a MiTM. No remote code exeuction, not even privilege escalation. ... Microsoft hasn't even labelled it as critical, merely important. Crucial? As it was marketed, hardly. ... There is a whole list of CVE's related, none of them are really critical. Another questionable point is that the person who 'discovered' these bugs, is a member of Samba Core Team..and works on Samba. So it's like hey, here's a bunch of vulnerabilities I found in my own software, let's make a logo for them and give them a name (which doesn't even really related to the vulns). So yah there's nothing really wrong with branding a vulnerability, to get awareness about something critical - get press coverage and get people fixing it. But this? This is a minor bug, with no real major production impact, only exploitable over a LAN which at words allows for a MiTM. ... A saw a great quote on Twitter..it went something like: "All these names for exploits are getting confusing and can be hard to remember/categorise - soon we'll need to invent some kinda system that assigns numbers to vulnerabilities..." LOL indeed. Are these bugs important enough to patch? Oh yes, absolutely. Did they need a month of marketing, a logo and a name to raise awareness? Absolutely not. They could have slid into regular, automated patch updates along with all other 'important' patches. It could have been a interesting story about a whole series of bugs in SAMBA, but it became a huge discussion about the Badlock clownshow. Sad. (Via [3]Darknet - The Darkside) I can't agree with this article more. It's a great read. I didn't mean to quote quite so much, but I get a hoot out of the story. We spoke about this on [4]PVC Security podcast when the story first broke. It looks like most if not all of our predictions came true. __________________________________________________________________ My original entry is here: [5]BADLOCK - Are 'Branded' Exploits Going Too Far? A: Yes!. It posted Fri, 15 Apr 2016 20:31:57 +0000. Filed under: badlock, fud, full disclosure, InfoSec, References 1. http://feedproxy.google.com/~r/darknethackers/~3/LlwhHMgBg7M/ 2. http://badlock.org/ 3. http://feeds.feedburner.com/darknethackers 4. https://www.pvcsec.com/ 5. https://www.prjorgensen.com/2016/04/15/badlock-are-branded-exploits-going-too-far-a-yes/