Comprehensive data protection for all workloads
Post Reply
JHuston
Enthusiast
Posts: 36
Liked: 5 times
Joined: May 29, 2018 1:06 pm
Full Name: Jeff Huston
Contact:

Petitpotam vulnerability patch released may affect backup software?

Post by JHuston »

I was just alerted by my security team that Microsoft has released a patch in the next monthly rollup to mitigate the Petitpotam vulnerability.

A blurb in their release notes states that: "This security update blocks the affected API calls OpenEncryptedFileRawA and OpenEncryptedFileRawW through LSARPC interface." and "Microsoft warns that installing this update may affect backup software that utilizes the EFS API OpenEncryptedFileRaw(A/W) function."

Will this affect Veeam in any way?
Gostev
Chief Product Officer
Posts: 31806
Liked: 7300 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: Petitpotam vulnerability patch released may affect backup software?

Post by Gostev » 1 person likes this post

Based on this, image-level backups obviously should not be affected. So vast majority of our customers have nothing to worry about.

At a first sight, it seems that any possible impact would be limited to Veeam Agent for Windows (file-level backup mode) and Veeam Backup & Replication (NAS backup functionality) when those are set to protect files hosted on EFS volumes. So these will need to be tested once the patch is available.
Post Reply

Who is online

Users browsing this forum: anthonyspiteri79, Majestic-12 [Bot] and 289 guests