Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 2)

This post is the second of a multi-part blog series that explores and highlights the different risks that Windows Subsystem for Linux WSL poses to an enterprise IT environment. Here we examine different TTPs that abuse WSL and assess different methods to defend against such threats. ← Go to Part ...

Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 1)

This post is the first of a multi-part blog series that will explore and highlight the different risks that Windows Subsystem for Linux WSL poses to an enterprise IT environment. Here we examine a new Microsoft feature for GNU\Linux that increases the attack surface and introduces a lot more...

The compatibility subsystem for running Linux applications allows the Windows Subsystem for Linux (WSL), a operating system from Microsoft Windows, to be utilized by attackers to increase their privileges.

The vulnerability of the compatibility subsystem for running Linux applications, namely the Windows Subsystem for Linux WSL of the Microsoft operating system, is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux WSL with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft"...

CVE-2021-36966

Windows Subsystem for Linux Elevation of Privilege Vulnerability...

Microsoft Windows Subsystem for Linux 产品权限许可和访问控制问题漏洞

Microsoft Windows Subsystem for Linux WSL is a Microsoft Windows Subsystem for Linux, a compatibility layer capable of running native Linux binary executables ELF format. A vulnerability exists in the Microsoft Windows Subsystem for Linux with privilege permission and access control issues. Windo...

PT-2021-6318 · Microsoft · Windows Subsystem For Linux +1

Name of the Vulnerable Software and Affected Versions: Windows Subsystem for Linux affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Subsystem for Linux, which can be exploited to elevate privileges. This could allow an attacker t...

The compatibility subsystem for running Linux applications allows Windows Subsystem for Linux (WSL) operating systems. This enables attackers to elevate their privileges and execute arbitrary code.

The vulnerability of the compatibility subsystem for running Linux applications involves memory object handling errors. Exploiting this vulnerability allows an attacker to enhance their privileges and execute arbitrary code through a specially created application...

Microsoft Windows Subsystem for Linux Elevation of Privilege Vulnerability (CNVD-2020-43102)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows Subsystem for Linu...

CVE-2020-1423

An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles files, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...

CVE-2020-1423

An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles files, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...

Privilege escalation

An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles files, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...

CVE-2020-1423

An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles files, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'...

Windows Subsystem for Linux Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles files. An attacker who successfully exploited the vulnerability could execute code with elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim...

The compatibility subsystem for running Linux applications allows Windows Subsystem for Linux (WSL) operating systems to enable unauthorized access to protected information by attackers.

The vulnerability of the compatibility subsystem for running Linux applications in Windows Subsystem for Linux WSL operating systems is related to object handling errors in the kernel. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through...

CVE-2020-1075

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'...

CVE-2020-1075

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'...

Information disclosure

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'...

CVE-2020-1075

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'...

Missing NTFS Protection

Git is vulnerable to missing NTFS Protection. An flaw was found during running Git in the Windows Subsystem for Linux also known as "WSL" while accessing a working directory on a regular Windows drive. None of the NTFS protections were active...