J'ai trouvé: - July 8, 2025—KB 5062572 (OS Build 20348.3932) https://support.microsoft.com/en-us/topic/july-8-2025-kb-5062572-os-build-20348-3932-d78a2b2a-1ce8-45ee-85a0-e51a897ec67f [Microsoft RPC Netlogon protocol] This update includes a security hardening change to the Microsoft RPC Netlogon protocol. This change improves security by tightening access checks for a set of remote procedure call (RPC) requests. *>*>*After this update is installed, Active Directory domain controllers will no longer allow anonymous clients to invoke some RPC requests through the Netlogon RPC server.*<*<* These requests are typically related to domain controller location. Certain file and print service software can be affected, including Samba. If your organization uses Samba, please refer to the Samba release notes.
Que, à priori cela concerne les requêtes anonymes... Mais en trouvant cela, j'ai aussi vu ça: Windows Secure Boot certificate expiration Important: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. This might affect the ability of certain personal and business devices to boot securely if not updated in time. To avoid disruption, we recommend reviewing the guidance and taking action to update certificates in advance. For details and preparation steps, see Windows Secure Boot certificate expiration and CA updates. - Windows Secure Boot certificate expiration and CA updates https://support.microsoft.com/en-us/topic/windows-secure-boot-certificate-expiration-and-ca-updates-7ff40d33-95dc-4c3c-8725-a9b95457578e Important When the 2011 CAs expire, Windows devices that do not have new 2023 certificates can no longer receive security fixes for pre-boot components compromising Windows boot security. Important Without updates, the Secure Boot-enabled Windows devices risk not receiving security updates or trusting new boot loaders which will compromise both serviceability and security. Le bug de l'an prochain!! Le Wed, Jul 16, 2025 at 02:48:52PM +0000, TISSOT Jacques via gull a écrit : > Bonjour, > > Il y a prochainement (fin juillet, je crois) un nouveau dispositif de > sécurité sur les contrôleurs de domaine AD. > > Quelqu'un peut-il m'orienter sur l'implication Samba installé sur une Debian > Bookworm (Samba V4.17) ? Que devrais-je vérifier dans ma config pour > constater que cela me concerne ? > > Merci pour votre aide > > Meilleures salutations > > Jacques -- Félix Hauri - <fe...@f-hauri.ch> - http://www.f-hauri.ch _______________________________________________ gull mailing list gull@forum.linux-gull.ch https://forum.linux-gull.ch/mailman/listinfo/gull
