0x0@programming.dev to Programming@programming.dev · 7 months agoCritical Rust flaw enables Windows command injection attackswww.bleepingcomputer.comexternal-linkmessage-square35fedilinkarrow-up1141arrow-down18cross-posted to: security@lemmy.mlpulse_of_truth@infosec.pub
arrow-up1133arrow-down1external-linkCritical Rust flaw enables Windows command injection attackswww.bleepingcomputer.com0x0@programming.dev to Programming@programming.dev · 7 months agomessage-square35fedilinkcross-posted to: security@lemmy.mlpulse_of_truth@infosec.pub
minus-squareBatmanAoD@programming.devlinkfedilinkarrow-up19·7 months agoAnd in fact it’s not specific to Rust, and Rust is the first language with a fix available. (Thanks to some other comments for pointing this out.) Java has apparently declared it “won’t fix.” https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/#appendix-b-status-of-the-affected-programming-languages
And in fact it’s not specific to Rust, and Rust is the first language with a fix available. (Thanks to some other comments for pointing this out.) Java has apparently declared it “won’t fix.”
https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/#appendix-b-status-of-the-affected-programming-languages