SECURITY RESEARCHERS have predicted a world of pain following Microsoft’s decision to include a Linux subsystem in the recent Windows 10 Anniversary Update.
Security company CrowdStrike said that this has increased the chessboard of possible attacks to a ruddy great Go board.
The main problem stems from the fact that the two kernels have direct access to each other – no hypervisors, just two systems with identical access.
It’s a bit of a crazy face-palm moment, really. How did it not occur to anyone that Windows and Linux apps could be modified by each other, bypassing the patches put in place natively?
Code injection is just one example of how a Windows program could attack a Linux app. Once the code is injected, if the infected Linux application makes a call back to Windows, it will be trusted and could trigger some proper borkage.
In other words, catch the tiger by the tail, which then, in turn, pussy-whips the tiger upside the head.
CrowdStrike also suggested that savvy users will be able to run Linux versions of apps that have been disabled in Windows, and there’s not a lot that the sysadmin can do about it.
Of course, there’s a very simple workaround: don’t turn on Linux Bash on the machine. Plus, of course, no-one has actually done this yet.
But, with our usual cocked eyebrow, we do find ourselves wondering why, after the levels of excitement over the addition of Bash to Windows, Microsoft couldn’t have just waited a little bit longer and thought it through a little bit more. Just a bit?
Well, apparently not. Because it appears that the decision was taken deliberately to ensure that the Linux subsystem works at a reasonable speed. In other words, Microsoft admitted that its Hyper-V containers are a bit pants. For shame.