Upgrade Now if You’re Using CIFS


April 12, 2012

If you are using CIFS/Windows shares on your FreeNAS 8.0.x system, you are urged to update to 8.0.4-RELEASE-p1 immediately.

Earlier this week, a vulnerability was discovered in Samba that allows remote code execution as the root user from an anonymous connection. All versions of Samba were affected. You can read more about the vulnerability here.

Since FreeNAS uses Samba to provide CIFS/Windows shares, unpatched systems are susceptible to this vulnerability. 8.0.4-RELEASE-p1 contains the necessary patch and is available for download here. Instructions for upgrading FreeNAS are in section 4.6 of the Guide.


Share On Social: