Πολλοί ήταν αυτοί που ενθουσιάστηκαν όταν η Microsoft αποκάλυψε για πρώτη φορά ότι προσθέτει Rust στον πυρήνα των Windows 11. Αυτό έγινε τον Απρίλιο στο congress BlueHat IL 2023 και περίπου a month later on May 11, the company announced that Rust was now in core Windows 11 Insider builds.
Microsoft's David Weston, Vice President, Enterprise and os Security, εξήγησε ότι ο λόγος για την προσθήκη της Rust ήταν να βελτιωθεί η ασφάλεια του συστήματος μνήμης των Windows 11, καθώς η Rust θεωρείται ασφαλέστερη γλώσσα προγραμματισμού για τη μνήμη.
But security researchers at Palo Alto Networks discovered a new peer-to-peer (P2P) worm, called P2PInfect. It is written in Rust and affects both Windows and Redis (Remote Dictionary Server) servers running on Linux. The worm exploits the Lua Sandbox Escape vulnerability which is monitored according to the CVE-2022-0543 from 2022. The vulnerability could lead to remote code execution (RCE).
The P2PInfect worm infects a Redis vulnerability by exploiting the Lua sandbox evasion vulnerability, CVE-2022-0543.
Although the vulnerability was disclosed in 2022, its scope is not fully known at this time.
However, it has been rated in the NIST National Vulnerability Database with a Critical CVSS score of 10,0. P2PInfect exploits Redis servers running on both Linux and Windows operating systems.
You can find more technical details about P2PInfect at Palo Alto website.
