2 years ago

Microsoft, which has embraced Linux in recent years, is now finding and helping to fix Linux security holes. This pair of https://www.freedesktop.org/wiki/Software/systemd/https://gitlab.com/craftyguy/networkd-dispatcher security bugs, named https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/, can be chained together to gain root privileges on Linux systems. One good thing about this is that this is really not a Linux bug, but a systemd security problem. So Linux distros, such as the popular container distro, https://www.alpinelinux.org/, which don’t use systemd are immune to Nimbuspwn.

It’s because Microsoft has its own versions of Linux now, such as https://docs.microsoft.com/en-us/windows/wsl/install, and Linux security programs such as https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux, which now includes https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/edr-for-linux-is-now-generally-available/ba-p/2048539.