Security Alerts & News
by Tymoteusz A. Góral

History
#1284 Windows 10 attack surface grows with Linux support in anniversary update
Microsoft’s release of Windows Anniversary Update last week included an optional feature called Windows Subsystem for Linux that allows native support for Linux binaries. That has some security experts concerned the Windows 10 attack surface has been expanded.

The threat, according to Alex Ionescu, vice president of endpoint detection and response strategy at Crowdstrike, centers on a capability that allows for some Ubuntu Linux features to run within the Windows 10 operating system. Ionescu, who discussed his research with Threatpost last week at Black Hat USA, said modified Linux code could make system calls to Windows APIs and execute malicious actions within the Windows environment.

“Security researchers, admins and forensic security experts are used to hunting Windows threats on Windows platforms and are adept at auditing them. Now you have a very interesting new paradigm where Linux applications can run on a Windows machine,” Ionescu said. “If this feature is turned on, you have support for unmodified Linux binaries – malicious or not.”
Read more
#1286 Researchers crack Microsoft feature, say encryption backdoors similarly crackable
#1285 Serious TCP bug in Linux systems allows traffic hijacking
#1284 Windows 10 attack surface grows with Linux support in anniversary update
#1283 Dota 2 forum breach leaks 2 million user accounts
#1282 Microsoft Patch Tuesday – August 2016
#1281 Windows PDF library flaw puts Edge users at risk for RCE
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12