Short Bytes: A security researcher has claimed that the newly-introduced Linux subsystem in Windows 10 could prove to be a risky affair by acting as a new attack layer. As this port of Ubuntu doesn’t run inside a Hyper-V hypervisor, the researcher claims that any malicious code injection in Linux applications can affect all files and folders of Windows system.
This Linux subsystem is reportedly creating new security risks for Windows 10 users. Security company CrowdStrike’s chief architect Alex Ionescu has noted that the Linux subsystem increases the attack surface by gaining complete access to the raw hardware.
This increased risk could be attributed to the fact that Linux on Windows 10 doesn’t run inside a Hyper-V hypervisor. Thus, due to the absence of some isolation, the Windows file system is also mapped to the Linux port, sharing the complete files and directories.
Imagine a risky situation where a hacker manages to inject notorious code in some Linux application. In such condition, your double-edged Linux subsystem will let the hacker view all files and folders of your primary Windows system by calling Windows APIs.
As reported by eWeek, Ionescu said that he has informed Microsoft about the issue in beta phase and some of them have already been fixed. However, some problems are still arising because of the compatibility issues.
— Ionescu said
The security researcher also notes that the Linux kernel implementation is Microsoft’s homegrown recipe. So, the way this Ubuntu port handles the update is much different than a usual Linux system.
The other risks include the lack of AppLocker-support for Linux applications. So, if one has enabled Linux on Windows 10 system, Linux apps can possibly run without any interference of AppLocker.
If we consider the real-life applications of this attack layer, there aren’t any heavy chances of widespread exploitation as this feature is still in nascent phase.
Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.