cuspess - Posted May 26, 2017 - #1

It seems that Synology has released a security patch yesterday to address the potential vulnerability of DSM in relation to recent WannaCry attacks.

Xpenology usually is quite stable once you have got the bootloader all working bug free; but it is times like these that could cause problems for Xpenology users, just like SynoLocker back in 2014. Xpenology users are limited to certain versions, depending on the bootloader version they are using. For instance, some users are still on DSM 5.x, where their bootloader doesn't support further updates, or a complete upgrade of the bootloader is required to upgrade to DSM 6; the same applies to those, including myself, who have yet to get the newer bootloader which supports DSM 6.1 to work with their machine.

My query: with the difficulties mentioned above, how do we protect ourselves from security vulnerability?

> Version: 6.1.1-15101-4
> (2017/05/25)
>
> Important Note
> The update is expected to be available for all regions within the next few days, although the time of release in each region may vary slightly.
>
> Fixed Issues
> Fixed a security vulnerability regarding samba service (CVE-2017-7494).

Elpee - Posted May 26, 2017 - #2

I'm on the same boat to ask.

Salah - Posted May 26, 2017 - #3

But if you cannot upgrade to the latest versions of Samba immediately, you can work around the vulnerability by adding the following line to your Samba configuration file smb.conf:

nt pipe support = no

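The workaround from the post above, as an added example that is not part of the original thread: a shell check that reports whether `nt pipe support = no` is actually in effect in the `[global]` section of an smb.conf. The function names and the sample config are constructed for illustration; the check reads a single file and does not follow `include` directives.

```shell
#!/bin/sh
# Added example: audit an smb.conf for the "nt pipe support = no" workaround.
# Prints disabled / enabled / default-enabled (Samba defaults to yes when unset).
nt_pipe_support_state() {
    # $1: path to the smb.conf to inspect (the caller supplies the path)
    awk '
        /^[ \t]*$/    { next }               # blank line
        /^[ \t]*[;#]/ { next }               # comment, so a commented-out fix does not count
        /^[ \t]*\[/ {                        # section header: remember which one we are in
            sec = tolower($0)
            gsub(/^[ \t]*\[[ \t]*|[ \t]*\].*$/, "", sec)
            next
        }
        sec == "global" {
            eq = index($0, "=")              # only the first "=" is significant
            if (eq == 0) next
            name = tolower(substr($0, 1, eq - 1))
            gsub(/[ \t]/, "", name)          # case and whitespace in names are irrelevant
            if (name != "ntpipesupport") next
            val = tolower(substr($0, eq + 1))
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            state = val                      # a later assignment overrides an earlier one
        }
        END {
            if (state ~ /^(no|false|0)$/) print "disabled"
            else if (state == "")         print "default-enabled"
            else                          print "enabled"
        }
    ' "$1"
}

# Returns 0 only when the workaround is in effect.
is_workaround_active() {
    [ "$(nt_pipe_support_state "$1")" = "disabled" ]
}

# Constructed sample config (not taken from a real DSM install).
sample=$(mktemp)
printf '[global]\n  workgroup = WORKGROUP\n  NT Pipe Support = No\n' > "$sample"
echo "sample config: nt pipe support is $(nt_pipe_support_state "$sample")"
rm -f "$sample"
```

Per the Samba advisory linked later in the thread, the line belongs in the `[global]` section and smbd must be restarted afterwards; the advisory also notes that this can disable some expected functionality for Windows clients.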
filippo333 - Posted May 26, 2017 - #4

If you're using Jun's 1.0.2a2 loader it's pretty safe to update to U4. So far going from no update all the way to U4 has caused no issues for me.

cuspess (Author) - Posted May 27, 2017 - #5

> If you're using Jun's 1.0.2a2 loader it's pretty safe to update to U4. So far going from no update all the way to U4 has caused no issues for me.

Sure enough, if you already got Jun's 1.0.2a2 or 1.0.2a working with your machine, then you are safe. I personally encountered Error 13 with both loaders and just couldn't get it working with my rig. And this post is about people like me who are not able to update to these 2 loaders with a bug-free DSM 6.1 installed.

Recommendations like Salah's are quite useful. There we have a hint of what could be done if we could not upgrade to DSM 6.1.1-U4. Now if Salah can elaborate more on this method, that would be great.

Dfds - Posted May 27, 2017 - #6

> But if you can not upgrade to the latest versions of Samba immediately, you can work around the vulnerability by adding the following line to your Samba configuration file smb.conf:
>
> nt pipe support = no

An explanation can be found here: https://www.samba.org/samba/security/CVE-2017-7494.ht

Salah - Posted May 28, 2017 - #7

https://www.samba.org/samba/security/CVE-2017-7494.html

Also, it's not WannaCry; it's an old bug that could be used with other exploits.

Salah - Posted May 28, 2017 - #8

> If you're using Jun's 1.0.2a2 loader it's pretty safe to update to U4. So far going from no update all the way to U4 has caused no issues for me.

Not true, as the update will mess with drivers.

UNSC-117 - Posted June 2, 2017 - #9

> > If you're using Jun's 1.0.2a2 loader it's pretty safe to update to U4. So far going from no update all the way to U4 has caused no issues for me.
>
> Not true as update will mess with drivers

Not really, the loader and Syno version will work as no major changes were made; it is still 6.1.1. I'm on u4 baremetal.

GaryM - Posted June 16, 2017 - #10

Update to U4 is safe. Works for me!

Lordbl4 - Posted June 16, 2017 - #11

2 hours ago, GaryM said:
> Update to U4 is safe

All security updates (from 1 to 4) for DSM 6.1.1-15101 were safe for me.

On 26.05.2017 at 18:46, cuspess said:
> how do we protect ourselves from security vulnerability?

Install security updates in time after release; Syno is very careful about users and makes updates so fast. If you worry about a "brick-station" after an update, test it on virtual machines or on a test environment before installing.

AFAIK, minor updates (like a 15101 Update from 1 to 4) have fewer fails on XPENology than major updates (like a 6.1.2-15132 from 6.1.1-15101).