back to article Bish, bosh, Bashware: Microsoft downplays research on WSL Win 10 'hack' threat

Microsoft has downplayed the risks of running a Linux Bash shell command line on Windows 10 via its Windows Subsystem for Linux (WSL) feature after security researchers said the technology could help hackers smuggle malware past security scanners and onto Windows 10 machines. Researchers at Check Point say that a potential …

  1. Anonymous Coward
    Childcatcher

    BASHware

    No need for funky exploits. You simply write a script that pwns the machine (download and install TeamViewer or a keystroke logger if you are real l33t) and claim that it is actually an AD or WSUS maintenance script and slap it on a blog somewhere. It'll be copied and pasted straight into the console so many times without question, you'll have a botnet in no time. Now I don't have to learn PowerShell to do this - I can use my long honed unix sysadmin script writing skills.

    Sadly, I'm only half joking ... probably

    1. Field Commander A9

      Re: BASHware

      You clearly didn't understand the threat model being discussed here

  2. Anonymous Coward
    Anonymous Coward

    So...

    ..it's possible to infect a machine that you have full control over once you have enabled an off by default setting.

    Holy Shit...panic!

  3. Doctor Syntax Silver badge

    WSL?

    Windows System for Linux. Why did they call it that? It's obviously a Linux system for Windows. Their name sort of describes Wine.

    1. Allonymous Coward
      Coat

      Re: WSL?

      As I understand it (could be wrong) it's mostly "Linux" userland utilities running on top of the Windows kernel.

      So if we're being FSF-ish, surely it should be a GNU system for Windows. Something like GNU/Windows perhaps...

      Mine's the flameproof one, thanks.

      1. Doctor Syntax Silver badge

        Re: WSL?

        AIUI it's a facility to translate Linux system calls to Windows kernel calls in order to run the Linux userland - the converse of Wine.

        But I like Gnu/Windows. As soon as the marketroids mis-hear it it will become New Windows.

  4. bombastic bob Silver badge
    FAIL

    unsafe at any speed

    or, in this case, with ANY executable format (ELF or EXE)

  5. Anonymous Coward
    Anonymous Coward

    Is this a new take on

    Embrace Extend Extinguish (self)?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like