Is Hidden Linux Subsystem In Windows 10 Making Your PC Unsafe?

linux risks windows 10

linux risks windows 10Short Bytes: A security researcher has claimed that the newly-introduced Linux subsystem in Windows 10 could prove to be a risky affair by acting as a new attack layer. As this port of Ubuntu doesn’t run inside a Hyper-V hypervisor, the researcher claims that any malicious code injection in Linux applications can affect all files and folders of Windows system.

Last week, Microsoft started rolling out its latest Windows 10 Anniversary Update. Out of the many new features that came with the update, the ability to run Bash on Ubuntu on Windows 10 was liked by many. The update includes a Linux subsystem that allows a developer to run his/her favorite Ubuntu tools on a Windows machine.

This Linux subsystem is reportedly creating new security risks for Windows 10 users. Security company CrowdStrike’s chief architect Alex Ionescu has noted that the Linux subsystem increases the attack surface by gaining complete access to the raw hardware.

This increased risk could be attributed to the fact that Linux on Windows 10 doesn’t run inside a Hyper-V hypervisor. Thus, due to the absence of some isolation, the Windows file system is also mapped to the Linux port, sharing the complete files and directories.

Imagine a risky situation where a hacker manages to inject notorious code in some Linux application. In such condition, your double-edged Linux subsystem will let the hacker view all files and folders of your primary Windows system by calling Windows APIs.

As reported by eWeek, Ionescu said that he has informed Microsoft about the issue in beta phase and some of them have already been fixed. However, some problems are still arising because of the compatibility issues.

“In some case, the Linux environment running in Windows is less secure because of compatibility issues. There are a number of ways that Windows applications could inject code, modify memory and add new threats to a Linux application running on Windows.”

— Ionescu said

The security researcher also notes that the Linux kernel implementation is Microsoft’s homegrown recipe. So, the way this Ubuntu port handles the update is much different than a usual Linux system.

The other risks include the lack of AppLocker-support for Linux applications. So, if one has enabled Linux on Windows 10 system, Linux apps can possibly run without any interference of AppLocker.

If we consider the real-life applications of this attack layer, there aren’t any heavy chances of widespread exploitation as this feature is still in nascent phase.

Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.

Also Read: 10 Best Features In Windows 10 Anniversary Update

Similar Posts