
Linux Subsystem Creates New Security Risks on Windows 10


vissha


 

Vulnerabilities caused by Linux on Windows 10

 

Quote

One of the big changes implemented in Windows 10 Anniversary Update is the addition of a Linux subsystem that basically allows users to run Linux applications on top of Microsoft’s own Windows 10 operating system.

 

And while this implementation comes in super handy to developers, the Linux subsystem creates additional risks for Windows 10 computers, according to Alex Ionescu, chief architect at security company Crowdstrike.

 

In an attempt to improve the performance of the Linux subsystem on Windows 10, Microsoft offered direct access to raw hardware, so Linux applications aren’t launched in a Hyper-V container that could help isolate processes and any threats that might be associated with it, the expert explains, according to eWeek.

 

And because of this, Linux has full system access, and this is a double-edged sword that could easily backfire in case a hacker manages to inject malicious code into a Linux application. Furthermore, Linux apps have access to the same files and folders as their Windows siblings, so it’s not difficult to see where this could be going in case of a successful attack.

 

Kernel updates on Patch Tuesday

 

Microsoft isn’t using an Ubuntu Linux kernel, but its own software, and updates are delivered through Windows Update, just like all the other Windows patches, so security fixes should land on the second Tuesday of each month, when Microsoft is holding its regular Patch Tuesday.

 

The security expert claims that his company had already identified several security issues with the way Linux is implemented into Windows 10 and reported them to Microsoft before the public launch of the Windows 10 Anniversary Update. Some have already been fixed, he says, but the risk of new vulnerabilities remains.

 

“In some cases, the Linux environment running in Windows is less secure because of compatibility issues,” Ionescu is quoted as saying. “There are a number of ways that Windows applications could inject code, modify memory and add new threats to a Linux application running on Windows.”

 

On the bright side, the Linux subsystem isn’t activated by default in Windows 10 Anniversary Update, so users need to manually install the necessary packages. To do this, click the Start menu, type “Turn Windows features on or off” and press Enter, select the “Windows Subsystem for Linux (Beta)” and wait for the downloading and installation process to complete.

 

Source

 

My Comment:

Linux/Ubuntu is only more secure than Windows in most cases when it is individually installed. However, Windows 10 having Ubuntu & Bash inbuilt creates more security risks than any other Windows version, even XP/Vista. I'm sure Windows Defender can't do anything if the vulnerability patches/kernel updates are not applied on time, since MS isn't like Canonical in providing patches.

 

Final Call: Do you still think Windows 10 is more secure than any other older versions? I don't think so.

SnakeMasteR

Wow man, a Beta having bugs, who knew? That Crowdstrike guy must be a true genius.

Seriously, at least it could be mentioned more obviously, it's almost hidden.



I know, that's what I was going to say too: it's a beta, there are going to be bugs in it.



36 minutes ago, n0_risk! said:

Wow man, a Beta having bugs, who knew?

Microsoft and Ubuntu are not too much different in this respect. Whenever either one releases a new release it's full of bugs the beta testers didn't find, and they don't get fixed till later on in some updates. Both have their good points and bad points. The good thing about Ubuntu: they have LTS releases for everyone that last 5 years. The bad thing: newer versions don't work on all hardware yet because of display drivers. The good thing about Windows 10 is that they have working display drivers, but the bad thing is if you have problems and have to go back to TH2 you have to lock down the updates, exposing yourself to security risk. Or install a different O/S.

 

But with millions of people still on XP, and it's full of security risk and no one seems to care whether they have updates or not, it makes you wonder if most of these scary news posts about computers are not just overblown to scare people? Me myself, I have not had a virus or malware since the early 2000s. I don't fear the fear that feeds me. I still use an outdated version of Firefox with all the features I like. :P



We are not talking about simple bugs here, we are talking about a security issue, which is not the same.

As a beta feature, it requires extra care, but what the article is about is that it brings a new level of vulnerabilities due to Linux implementation. 



28 minutes ago, tiliarou said:

We are not talking about simple bugs here, we are talking about a security issue, which is not the same.

As a beta feature, it requires extra care, but what the article is about is that it brings a new level of vulnerabilities due to Linux implementation. 

Millions of people are still on XP and it has Shellshock since 2014; this is just one of many serious bugs that never was patched. There are serious bugs in everything; the only ones you know about are the ones researchers find. If you let every bug worry you, and people cared like they claim, they would not touch a PC.

 

https://en.wikipedia.org/wiki/Shellshock_(software_bug)

 

If you are worried about this bug in the OP, roll back to TH2 and lock down the updates, and enterprise TH2 will get updates for serious bugs found in TH2 tomorrow, but you won't because you locked down updates. All OS, month after month, year after year, is nothing but one big band-aid. You are chasing a fix in reality you will never get.

 

Many people don't do updates. I talk to some who have never done them ever and they never had any problems, members on this site. So you tell me if it's not overblown?

 



It's always better to make updates (when they don't bring bugs themselves^^) and of course it's a never-ending exercise to fix security issues. At least if you are doing updates you limit the risks even if you will never be 100% risk free.

Yes, many people don't do updates and yet don't get infected/hacked, but it doesn't mean it can't happen anytime. Yet, by updating you are limiting the chance of it happening. Then everyone is free to keep his OS up to date or not...



1 hour ago, tiliarou said:

It's always better to make updates (when they don't bring bugs themselves^^) and of course it's a never-ending exercise to fix security issues. At least if you are doing updates you limit the risks even if you will never be 100% risk free.

Yes, many people don't do updates and yet don't get infected/hacked, but it doesn't mean it can't happen anytime. Yet, by updating you are limiting the chance of it happening. Then everyone is free to keep his OS up to date or not...

I will do my updates tomorrow, buddy, and apply my band-aid like I've done month after month, year after year. But not everyone is lucky enough to even get RS1 to work. So there will be millions of people on all O/S that won't take updates, like it's always been.

 

That's why Microsoft claims they made Windows 10 the way it is, where you can't turn them off: because lots of people don't do updates or did only the ones they wanted. Updates can be beneficial but they can also botch your PC, where you have to recover. It's a two-edged sword.

 

As far as getting infected/hacked, that can happen if you install updates or not. Any vulnerabilities found in Windows have a 3 month grace period to be patched before they make them public. Microsoft added bash to preview builds of Windows 10 back in April, exposing Insiders for months. They want us to take them when they want, but they take their time at patching them. On Linux they get patched really fast; by the time you read about it they're already out or on the way. Back in the early XP days I got infected from going to the Windows Update page. Microsoft's update page got hacked with a virus. :P

 

3 hours ago, vissha said:

On the bright side, the Linux subsystem isn’t activated by default in Windows 10 Anniversary Update, so users need to manually install the necessary packages

I don't have this mess even installed on Windows so I'm not even affected by this. Most people are not. I have Linux on a different partition using the real Linux kernel. If you want to use Linux, use Linux; I don't want to use it on Windows. When I'm on Windows I want to use Windows lol. What if this update to patch this messes up your PC and you don't have bash? They caused you problems for updates you didn't need. That's the downside with cumulative updates: they're always patching stuff not everyone uses and breaking stuff they do. :)



A researcher exposes design and control flaws in Windows 10 versions that have the capability to run Linux.

LAS VEGAS—Embedded within some versions of the latest Windows 10 update is a capability to run Linux. Unfortunately, that capability has flaws, which Alex Ionescu, chief architect at Crowdstrike, detailed in a session at the Black Hat USA security conference here and referred to as the Linux kernel hidden in Windows 10.

 

In an interview with eWEEK, Ionescu provided additional detail on the issues he found and has already reported to Microsoft. The embedded Linux inside of Windows was first announced by Microsoft in March at the Build conference and brings some Ubuntu Linux capabilities to Microsoft's users.

 

Ionescu said he reported issues to Microsoft during the beta period and some have already been fixed. The larger issue, though, is that there is now a new potential attack surface that organizations need to know about and risks that need to be mitigated, he said.

 

"In some cases, the Linux environment running in Windows is less secure because of compatibility issues," Ionescu said. "There are a number of ways that Windows applications could inject code, modify memory and add new threats to a Linux application running on Windows."

 

The modified Linux code in turn could then call Windows APIs and get access to system calls to perform malicious actions that might not be mitigated.

 

"So you have a two-headed beast that can do a little Linux and can also be used to attack the Windows side of the system," Ionescu said.

 

From a vulnerability perspective, Linux on Windows is not running inside of a Hyper-V hypervisor, which potentially could isolate the Linux processes. Linux is running on the raw hardware, getting all the benefits of performance and system access, as well as expanding the potential attack surface, he said. The Windows file system is also mapped to Linux, such that Linux will get access to the same files and directories.

 

The updating mechanism inside of Linux for Windows is also an area Ionescu looked at. There is a scheduled task that can be set in Windows to run the Apt-Get Linux command to update packages for the user mode that is enabled by Ubuntu. That said, Ionescu noted that Microsoft isn't actually using an Ubuntu Linux kernel, just user-land tools and applications.

 

"The kernel piece is Microsoft's own implementation and is updated via the usual Windows Update mechanism," he said.

 

Among the issues that Ionescu is still concerned about is the fact that AppLocker, which is Microsoft's whitelisting service for Windows applications, doesn't work for Linux applications. As such, if an enterprise has enabled Linux on systems, Linux apps can potentially run without first checking with AppLocker.

 

If there are risks, Ionescu noted that a network firewall device would potentially see the traffic. He added that while users might not be able to do traditional antivirus, behavior-based security software will likely catch indicators of compromise.

 

Although the risks exist, Ionescu said to enable the Linux features in Windows, users will need to enable developer mode and install additional packages. Ionescu, however, doesn't expect widespread attacks as the Linux feature is still very new and not broadly deployed.

 

"Attackers don't usually go after the latest things where they would only impact a small percentage of the market," he said. "But as the feature adoption grows, this might become a more attractive attack vector."

 

Article source
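
An added example, not part of the thread or of either quoted article: a PowerShell inventory check, run from an elevated prompt, that reports the preconditions the articles name (the optional feature enabled, developer mode on) and which user profiles hold a Linux userland. The function name `Get-WslExposure`, the `%LOCALAPPDATA%\lxss` userland location and the default `Users` profile folder are assumptions not taken from the page.

```powershell
# Added example: inventory the Linux subsystem preconditions on one host.
# Get-WindowsOptionalFeature -Online requires an elevated session.

function Get-WslExposure {
    # 1. Is the "Windows Subsystem for Linux (Beta)" optional feature turned on?
    $feature = Get-WindowsOptionalFeature -Online `
        -FeatureName 'Microsoft-Windows-Subsystem-Linux' -ErrorAction SilentlyContinue
    $featureState = if ($feature) { [string]$feature.State } else { 'NotPresent' }

    # 2. Is developer mode enabled? (registry value 1 = on)
    $devKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModelUnlock'
    $dev = Get-ItemProperty -Path $devKey -Name 'AllowDevelopmentWithoutDevLicense' `
        -ErrorAction SilentlyContinue
    $devMode = [bool]($dev -and $dev.AllowDevelopmentWithoutDevLicense -eq 1)

    # 3. Which profiles hold an installed userland?
    #    Assumption: profiles live under <SystemDrive>\Users and the userland
    #    sits in AppData\Local\lxss inside each profile.
    $usersRoot = Join-Path $env:SystemDrive 'Users'
    $profiles = Get-ChildItem -Path $usersRoot -Directory -Force -ErrorAction SilentlyContinue
    $installed = foreach ($p in $profiles) {
        $lxss = Join-Path $p.FullName 'AppData\Local\lxss'
        if (Test-Path -LiteralPath $lxss) { $p.Name }
    }

    # One object per host, so results from many machines can be collected and filtered.
    [pscustomobject]@{
        ComputerName  = $env:COMPUTERNAME
        FeatureState  = $featureState
        DeveloperMode = $devMode
        UsersWithLxss = @($installed)
        NeedsReview   = ($featureState -eq 'Enabled') -or (@($installed).Count -gt 0)
    }
}

Get-WslExposure | Format-List
```

Hosts that report `NeedsReview` are the ones where the AppLocker gap described in the article applies, so they are the candidates for disabling the feature or for extra behavior-based monitoring.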


