Skip to main content

Bashware Is A Major Concern For Windows 10 PCs

By September 23, 2017May 22nd, 2021Technology News

If you haven’t heard the term “Bashware,” you’re not alone, but in the weeks and months ahead, you can bet you’ll be hearing more about it.

The reason?

Recently, Microsoft rolled out a new feature for Windows 10 users called WSL, which is a Windows Subsystem for Linux. It makes use of the popular “Bash” terminal, which allows Windows users to run apps native to the Linux world, which is very handy in some situations.

Unfortunately, there’s a problem. The security firm Check Point uncovered a hacking technique it dubbed “Bashware.” It allows a hacker to circumvent any and all Windows-based security measures you may have in place, because Windows 10 does not currently monitor the processes of Linux executables.

In terms of scope and scale, that means that all 400 million plus machines currently running Windows 10 are vulnerable, which probably means that every machine in your company’s network is vulnerable.

A spokesman for Check Point had this to say about their recent discovery:

“Bashware is so alarming because it shows how easy it is to take advantage of the WSL mechanism to allow any malware to bypass security products. We tested this technique on most of the leading anti-virus and security products on the market, successfully bypassing them all.”

Microsoft is not taking the news lying down. They have already taken steps to minimize the impact of this flaw, but therein lies the other problem.

A lot of the potential exploits of the WSL subsystem could be launched from third-party apps that reside outside Microsoft’s control. The tech giant is currently working with these companies to shore up security and minimize risk, but it remains to be seen how receptive third-party developers will be to securing the products they’re selling.

In any case, Microsoft seems reluctant to pull the plug on their new feature, which means there’s a new threat on the horizon.

Jason Manteiga

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.

Leave a Reply