If you haven’t heard the term “Bashware,” you’re not alone, but in the weeks and months ahead, you can bet you’ll be hearing more about it.
Recently, Microsoft rolled out a new feature for Windows 10 users called WSL, which is a Windows Subsystem for Linux. It makes use of the popular “Bash” terminal, which allows Windows users to run apps native to the Linux world, which is very handy in some situations.
Unfortunately, there’s a problem. The security firm Check Point uncovered a hacking technique it dubbed “Bashware.” It allows a hacker to circumvent any and all Windows-based security measures you may have in place, because Windows 10 does not currently monitor the processes of Linux executables.
In terms of scope and scale, that means that all 400 million plus machines currently running Windows 10 are vulnerable, which probably means that every machine in your company’s network is vulnerable.
A spokesman for Check Point had this to say about their recent discovery:
“Bashware is so alarming because it shows how easy it is to take advantage of the WSL mechanism to allow any malware to bypass security products. We tested this technique on most of the leading anti-virus and security products on the market, successfully bypassing them all.”
Microsoft is not taking the news lying down. They have already taken steps to minimize the impact of this flaw, but therein lies the other problem.
A lot of the potential exploits of the WSL subsystem could be launched from third-party apps that reside outside Microsoft’s control. The tech giant is currently working with these companies to shore up security and minimize risk, but it remains to be seen how receptive third-party developers will be to securing the products they’re selling.
In any case, Microsoft seems reluctant to pull the plug on their new feature, which means there’s a new threat on the horizon.