Windows Subsystem For Linux Considered Potential Security Attack Vector

By | 17/09/2017

A security researcher has found a potential new attack vector using the relatively new Windows 10 feature of WSL (Windows Subsystem for Linux). This technique, dubbed Bashware, has the potential to sidestep many Windows AntiMalware solutions.

WSL makes the popular bash shell available for Windows 10 users, and in so doing, enables users to natively run Linux operating system executables on the Windows operating system.

Existing security solutions are still not adapted to monitor processes of Linux executables running on Windows OS, a hybrid concept which allows a combination of Linux and Windows systems to run at the same time. This may open a door those with malicious intent to hide from security products that have not yet integrated the proper detection mechanisms.

Read more in the original article