Bashware Lets Malware Bypass Most Security Programs
A new exploit has been discovered, allowing hackers to install malware on Windows 10 systems without detection of most anti-virus programs. The exploit, deemed Bashware, is found within the newly added Windows Subsystem for Linux (WSL). Kim Komando reported, WSL was created to add Linux Shell support to Windows 10. However, when this addition was implemented, a major security gap was left open. The security exploit was founded by two security researchers, Gal Elbaz and Dvir Atlas.
Typically the WSL requires manual activation. Although, through this exploit, hackers are able to automatically turn on the feature to use the exploit to install malware.
To avoid falling victim to this latest malware threat, PC Matic encourages users to do the following:
- Be hyper-vigilant when it comes to opening emails
- Don’t click on something unless you are certain it is legitimate
- Keep your eyes open for malicious email attachments and/or links
- Keep your operating system updated
- Update your security software
Beyond the above steps, it is encouraged PC users upgrade their security solution to one that implements an application whitelisting technology. For instance, Bashware would not impact users of PC Matic, because when the malware attempts to execute — it would be denied. This is because that file has not been tested and proven safe. Although, it is important to note — the vulnerability would still be there. Therefore, it is important PC users keep their operating systems updated.