Introducing a New Vulnerability Class: False File Immutability (www.elastic.co)

submitted 2 weeks ago by tuxbot@infosec.pub to c/infosec_news@infosec.pub

3 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[-] eRac 1 points 2 weeks ago

TL;DR: Things are written to assume that files opened exclusively cannot change. Windows enforces that write protection on files in the filesystem driver. If you open a file over a network from a non-Windows filesystem, that assumption may not be valid.

This allows an attacker to abuse paging to have the system validate a correctly-signed file, then swap out the contents.

[-] werefreeatlast@lemmy.world 0 points 2 weeks ago

So because windows is the shit OS that can't, now Linux has to work to "correct" this "problem"? I assume that's how it will go down. Enshitification by compatibility to shitty OS.

[-] eRac 2 points 2 weeks ago

No, because an attacker could still make their own network filesystem that does whatever they want. MS needs to update critical auth methods to not assume that the filesystem will play ball.

this post was submitted on 06 Nov 2024

9 points (100.0% liked)

Infosec News

242 readers

46 users here now

A community posting Cybersecurity related articles.

founded 1 month ago

MODERATORS

tuxbot@infosec.pub

sv1sjp@lemmy.world