The integration of Ubuntu Bash into Windows 10 has run into a new incident that may call into question its viability within this system. As we commented a few days ago, Ubuntu Bash has become one of the most relevant features of the new operating system from Redmond.
The idea behind Ubuntu Bash is very attractive: a Linux terminal inside Windows with almost full functionality that also allows simple programs to be run. That opens up a world of possibilities and GNU software for Windows environments, along with the ability to manage a multitude of systems from a single environment without the need for third-party tools.
This attractive idea, the result of the alliance that Microsoft and Canonical maintained during the failed Astoria Project, materialized in an open-source project whose security has been called into question following the latest Black Hat convention held in Las Vegas, where Alex Ionescu, chief architect at Crowdstrike, demonstrated the security flaws it presents.
These flaws, still pending correction by the Redmond giant, open up numerous paths by which susceptible Windows applications can be injected with malicious code, making it possible to modify memory and even return again to applications in the Linux environment. This process would take place through the Windows system APIs, which, together with the direct access to the computer's file system, would make it really difficult to mitigate an attack carried out using these mechanisms.
Microsoft seems to have gotten to work on the bugs that have been reported, but we need to distinguish between the kernel that Ubuntu Bash employs, which is a native build for Windows 10, and the real one used by the Canonical system, since the two do not share the same base of updates.
On the other hand, there is another nuance concerning Windows AppLocker, which is not associated with the Ubuntu Bash environment, so a whitelist of applications cannot be created for it. This is especially detrimental in production environments, where AppLocker cannot function as a first barrier against potential application threats. Antivirus products are blind to this information, and the system firewall itself is insufficient to ensure adequate protection of the computer.
Finally, in Ionescu's own words, it seems more than likely that these vulnerabilities will not be exploited by any hacker, given the requirements that must be met for Ubuntu Bash to be installed on the computer: activation of developer mode and installation of the additional feature.
source: MuySeguridad.net