Microsoft CVE-2018-8337: Windows Subsystem for Linux Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity. An attacker who successfully exploited this vulnerability could replace or delete arbitrary files as a low privilege user. A attacker could exploit this vulnerability by running a specially crafted application. The update addresses the vulnerability by correcting how Windows Subsystem for Linux handles case sensitivity.
Solution(s)
- msft-kb4457142-9b51afc7-4b07-4a96-8bd4-355d5b246004
- msft-kb4457142-cdc6a0ee-255d-41b1-be04-1fd7517d5b5f
- msft-kb4457142-e510dc03-b10b-49f6-bfb6-33c1f3ed45fb
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center