Rust on Windows 11, is used to distribute the P2PInfect worm

Πολλοί ήταν αυτοί που ενθουσιάστηκαν όταν η Microsoft αποκάλυψε για πρώτη φορά ότι προσθέτει Rust στον πυρήνα των Windows 11. Αυτό έγινε τον Απρίλιο στο BlueHat IL 2023 και περίπου a month later on May 11, the company announced that Rust was now in core Windows 11 Insider builds.

cloud 21 illustration green

Microsoft's David Weston, Vice President, Enterprise and Security, εξήγησε ότι ο λόγος για την προσθήκη της Rust ήταν να βελτιωθεί η ασφάλεια του συστήματος μνήμης των Windows 11, καθώς η Rust θεωρείται ασφαλέστερη γλώσσα προγραμματισμού για τη μνήμη.

But security researchers at Palo Alto Networks discovered a new peer-to-peer (P2P) worm, called P2PInfect. It is written in Rust and affects both Windows and Redis (Remote Dictionary Server) servers running on Linux. The worm exploits the Lua Sandbox Escape vulnerability which is monitored according to the CVE-2022-0543 from 2022. The vulnerability could lead to remote code execution (RCE).

The P2PInfect worm infects a Redis vulnerability by exploiting the Lua sandbox evasion vulnerability, CVE-2022-0543.

Although the vulnerability was disclosed in 2022, its scope is not fully known at this time.

screenshot 2023 07 22 06 27 41

However, it has been rated in the NIST National Vulnerability Database with a Critical CVSS score of 10,0. P2PInfect exploits Redis servers running on both Linux and Windows operating systems.

You can find more technical details about P2PInfect at Palo Alto website. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.


Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).