0x0@programming.dev to Programming@programming.dev · 8 months agoCritical Rust flaw enables Windows command injection attackswww.bleepingcomputer.comexternal-linkmessage-square35fedilinkarrow-up1139arrow-down18cross-posted to: security@lemmy.mltechnology@lemmy.worldrust@programming.devpulse_of_truth@infosec.pub
arrow-up1131arrow-down1external-linkCritical Rust flaw enables Windows command injection attackswww.bleepingcomputer.com0x0@programming.dev to Programming@programming.dev · 8 months agomessage-square35fedilinkcross-posted to: security@lemmy.mltechnology@lemmy.worldrust@programming.devpulse_of_truth@infosec.pub
minus-squareBatmanAoD@programming.devlinkfedilinkarrow-up19·8 months agoAnd in fact it’s not specific to Rust, and Rust is the first language with a fix available. (Thanks to some other comments for pointing this out.) Java has apparently declared it “won’t fix.” https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/#appendix-b-status-of-the-affected-programming-languages
And in fact it’s not specific to Rust, and Rust is the first language with a fix available. (Thanks to some other comments for pointing this out.) Java has apparently declared it “won’t fix.”
https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/#appendix-b-status-of-the-affected-programming-languages