Shellshock-Like Flaw May Affect Microsoft Windows

The Shellshock vulnerability is a big problem for Mac OS X, some Linux distributions and many other Unix-like operating systems, but at least Windows machines are safe — mostly. Although Shellshock exploits a weakness in the Bash shell, which can be used to process commands in Unix-like software, researchers have discovered how to apply the same basic logic to Microsoft Windows, complete with potential malware.

The research comes from The Security Factory, an online-security company based in Schelle, Belgium. The demonstration is complicated, even by command-prompt standards, but shows how an extremely clever, persistent hacker could theoretically seed malware in Windows using the same logic that fuels the Shellshock flaw.

Shellshock is dangerous because, in simple terms, it lets users run arbitrary code in the Bash shell, or command-line environment. (Bash is the most widely used of half a dozen major Unix shells.)

Arbitrary code, as its name suggests, can be anything at all. A remote attacker making your machine print "Hello world!" might not sound very threatening, but arbitrary code can also run scripts that download and execute malicious programs.

If you're curious to find out exactly how the Windows exploit could work, it's best to check out TSF's very detailed explanation, as it gets deep into the weeds. The short version is that by "echoing" a command in the Windows command prompt, it's possible to fool a computer into thinking that you have access to Folder B when you really have access to Folder A.

This kind of intrusion is actually fairly harmless to everyday PCs, since even if a hacker could get access to your command prompt, planting and executing a file is much harder than simply accessing a folder's contents. However, TSF theorizes that a really dedicated hacker with access to a file server could cause some serious mischief.

For its own part, Microsoft is aware of the vulnerability, but has elected to not address it. A Microsoft representative replied to TSF — correctly — that putting quotation marks around the part of code that allows the exploit to happen can effectively prevent it. The problem is that Microsoft does not advise this course of action directly in any of its how-to scripting support posts.
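A defender-side check for the quoting advice above, as an added example that is not from this article, TSF or Microsoft: it flags `%VARIABLE%` expansions in a batch script that sit outside double quotes. It assumes the "part of code" in question is an environment-variable expansion; the function name and the sample script are constructed for illustration.

```python
import re

# Assumption (not stated in the article): the risky construct is a %VARIABLE%
# expansion that cmd.exe substitutes into the line before parsing it.
EXPANSION = re.compile(r"%([A-Za-z_][A-Za-z0-9_]*)(?::[^%\r\n]*)?%")
COMMENT = re.compile(r"^\s*@?(rem\b|::)", re.IGNORECASE)

# Constructed sample batch script, embedded so the check runs offline.
SAMPLE = r"""@echo off
rem log where we are: %CD%
echo Backing up %CD%
echo "Backing up %CD%"
set "TARGET=%USERPROFILE%\backup"
copy report.txt %TARGET%
for %%f in (*.log) do echo %%f
"""

def unquoted_expansions(script_text):
    """Return (line_no, variable, line) for each %VAR% outside double quotes."""
    findings = []
    for line_no, line in enumerate(script_text.splitlines(), start=1):
        if COMMENT.match(line):
            continue  # comment lines are out of scope for this check
        # Blank out escaped percents (%%f loop variables) but keep offsets.
        scrubbed = line.replace("%%", "  ")
        for match in EXPANSION.finditer(scrubbed):
            # Heuristic: an odd number of quotes before the match means the
            # expansion sits inside a quoted string.
            if scrubbed.count('"', 0, match.start()) % 2 == 0:
                findings.append((line_no, match.group(1), line.strip()))
    return findings

if __name__ == "__main__":
    for line_no, name, text in unquoted_expansions(SAMPLE):
        print(f"line {line_no}: %{name}% is unquoted -> {text}")
```

The quote counting is a heuristic for review, not a full cmd.exe parser, so treat each finding as a line to inspect by hand.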

The bottom line is that while a very enterprising malefactor could use Shellshock's tricks to affect a Windows system, system administrators can take prophylactic measures against it, and everyday users don't have to worry about it. With fixes for the various affected Unix-like operating systems already being deployed as well, Shellshock's potential impact should continue to diminish over time.

Marshall Honorof is a Staff Writer for Tom's Guide. Contact him at mhonorof@tomsguide.com.

  • Michael Null
    If you check out TSF's article on this, they clearly state this shouldn't be considered a vulnerability. They also followed up with Microsoft who, after performing some additional research, said the same.

    After just a quick skim, it looks like there *might* be some potential for this to cause a little bit of trouble but it's highly unlikely.