Windows afflicted by Shellshock-esque bug

Windows file servers may be vulnerable to a Shellshock-esque bug, according to the Security Factory.

Users within a given network are said to be able to take control of the server by injecting code into a Windows command line through environment variables, much like the problem that afflicted the Bash shell on Linux, Unix and Mac.

The Security Factory said: "In order to succeed, all the user has to do is create a folder with a special name, [provided] you regularly run command-shell scripts for management purposes that have a (pretty common) coding vulnerability."

Microsoft, despite acknowledging the problem in emails to the firm, does not plan to patch the bug, arguing that doing so would break properly written batch files containing command instructions.

"In the primary attack scenario you presented you could attack already insecure batch that don’t follow [existing] guidance," the company said.

"However there is nothing we can do to fix insecure batch files people have written."

The Security Factory insisted that he did not consider the bug an exploit, since a hacker could not use it to execute malware through a common action performed by a regular user, such as opening a webpage.

"In our sample above, we have not crossed any security boundary," it said.

"One could look for attack scenarios whereby the victim is tricked into changing an environment variable using social engineering tricks, but I would not really call that an exploit."

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing