Vulnerabilities caused by Linux on Windows 10

Aug 8, 2016 07:13 GMT

One of the big changes implemented in Windows 10 Anniversary Update is the addition of a Linux subsystem that basically allows users to run Linux applications on top of Microsoft’s own Windows 10 operating system.

And while this implementation comes in super handy to developers, the Linux subsystem creates additional risks for Windows 10 computers, according to Alex Ionescu, chief architect at security company Crowdstrike.

In an attempt to improve the performance of the Linux subsystem on Windows 10, Microsoft offered direct access to raw hardware, so Linux applications aren’t launched in a Hyper-V container that could help isolate processes and any threats that might be associated with them, the expert explains, according to eWeek.

And because of this, Linux has full system access, a double-edged sword that could easily backfire if a hacker manages to inject malicious code into a Linux application. Furthermore, Linux apps have access to the same files and folders as their Windows siblings, so it’s not difficult to see where this could be going in case of a successful attack.

Kernel updates on Patch Tuesday

Microsoft isn’t using an Ubuntu Linux kernel, but its own software, and updates are delivered through Windows Update, just like all the other Windows patches, so security fixes should land on the second Tuesday of each month, when Microsoft holds its regular Patch Tuesday.

The security expert claims that his company had already identified several security issues with the way Linux is implemented in Windows 10 and reported them to Microsoft before the public launch of the Windows 10 Anniversary Update. Some have already been fixed, he says, but the risk of new vulnerabilities remains.

“In some cases, the Linux environment running in Windows is less secure because of compatibility issues,” Ionescu is quoted as saying. “There are a number of ways that Windows applications could inject code, modify memory and add new threats to a Linux application running on Windows.”

On the bright side, the Linux subsystem isn’t activated by default in Windows 10 Anniversary Update, so users need to manually install the necessary packages. To do this, click the Start menu, type “Turn Windows features on or off” and press Enter, select the “Windows Subsystem for Linux (Beta)” option and wait for the download and installation process to complete.