Is Windows Safe from Shellshock?

It appears as time goes on since the Bash vulnerability was first discovered, that Windows users are not necessarily immune to this Linux-targeted bug. According to a security company in Belgium, they discovered a command injection vulnerability for Windows command-line shells that takes advantage of environment variables in a similar fashion to Bash exploits.

According to the information, Windows clients are not able to be exploited remotely (via the Internet). The exploit would have to occur locally, or specifically on Windows Server deployments. Microsoft is not planning to issue a security bulletin, as it does not consider this a security vulnerability.

Read the full story in the news.


About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: