Microsoft WIN10 's first Anniversary update system includes a new Linux subsystem, but security company CrowdStrike points out that this increases the chances of hackers being hacked by Windows users and reduces the security of the system.
At the Black Hat Technology conference in progress, Alex Ionescu, a security expert from CrowdStrike, explains the problems that are facing Linux systems embedded in Windows.
Security experts point out that the Linux subsystem of Windows 10 is not running under Hyper-V virtual environments, so it has free access to hardware, and the Windows file system is mapped to Linux, so the Linux subsystem also has the freedom to access files and directories. These mechanisms have created several security holes, and 365 of sports have fixed some of the vulnerabilities after being warned by the CrowdStrike company.
Security experts also point out that in Windows10, Linux applications can modify Windows software because Windows software can modify Linux applications, creating new security threats.
In some cases, Linux environments running under Windows are less secure due to compatibility issues. There are many ways to inject code into your application, modify memory, and add new security threats to Linux applications running under Windows.
The modified Linux code, in turn, calls the Windows system APIs to get system call permissions, triggering malicious behavior that is not small.
Not only that, adding Linux subsystems also makes it more difficult for enterprises to control the applications running on PCs. For example, Linux software can be protected from AppLocker (application control policies), thereby increasing the likelihood of a system being subject to security issues.
Security experts also point out that the likelihood of these attacks being widely exploited is not high because this feature is not activated by default and only a limited number of users will install this advanced feature.
Black Hat Expert: WIN10 embedded Linux subsystem faces security risks