
Fix BatBadBut vulnerability

Open asmichi opened this issue 1 year ago • 1 comments

https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/

asmichi avatar Apr 15 '24 10:04 asmichi

Running cmd.exe should also be affected

asmichi avatar Apr 15 '24 11:04 asmichi

As the first step, let's just refuse to execute *.bat/*.cmd

asmichi avatar Apr 27 '24 06:04 asmichi

Mitigation for 0.16.0:

  • Refuse to execute *.bat/*.cmd
  • Refuse to execute cmd.exe without ChildProcessFlags.DisableArgumentQuoting

For these cases throw ChildProcessStartingBlockedException

asmichi avatar Apr 28 '24 14:04 asmichi
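
The two refusal rules listed for 0.16.0 can be sketched as a pre-launch check; this is an added example, not code from the ChildProcess repository, and `LaunchPolicy`, `BlockReason` and `Check` are hypothetical names. It goes slightly beyond the two bullets by normalizing the file name first (case, trailing dots and spaces, extensionless `cmd`), and it assumes the caller would raise `ChildProcessStartingBlockedException` on any result other than `None`.

```csharp
using System;

// Added illustration, not ChildProcess source. All type and member names are hypothetical.
public enum BlockReason { None, BatchFile, CmdExeWithArgumentQuoting }

public static class LaunchPolicy
{
    // quotingDisabled stands in for the caller passing ChildProcessFlags.DisableArgumentQuoting.
    public static BlockReason Check(string fileName, bool quotingDisabled)
    {
        if (fileName is null) throw new ArgumentNullException(nameof(fileName));

        // Win32 path normalization drops trailing dots and spaces from the last
        // component, so "build.bat. " names the same file as "build.bat".
        string trimmed = fileName.TrimEnd('.', ' ');

        // Last component: both separators, plus ':' for drive-relative "C:cmd.exe".
        int cut = trimmed.LastIndexOfAny(new[] { '\\', '/', ':' });
        string leaf = cut >= 0 ? trimmed.Substring(cut + 1) : trimmed;
        int dot = leaf.LastIndexOf('.');
        string ext = dot >= 0 ? leaf.Substring(dot) : "";

        if (Same(ext, ".bat") || Same(ext, ".cmd"))
            return BlockReason.BatchFile;

        // CreateProcess appends ".exe" to a name without an extension, so bare "cmd" counts.
        if ((Same(leaf, "cmd.exe") || Same(leaf, "cmd")) && !quotingDisabled)
            return BlockReason.CmdExeWithArgumentQuoting;

        return BlockReason.None;
    }

    private static bool Same(string a, string b) =>
        string.Equals(a, b, StringComparison.OrdinalIgnoreCase);

    public static void Main()
    {
        // Constructed sample inputs: (file name, DisableArgumentQuoting set?)
        var samples = new (string Name, bool QuotingDisabled)[]
        {
            (@"C:\tools\build.BAT", false), ("deploy.cmd. ", true),
            (@"C:\Windows\System32\cmd.exe", false), ("cmd", true),
            (@"C:\tools\git.exe", false),
        };
        foreach (var s in samples)
            Console.WriteLine($"{s.Name,-30} -> {Check(s.Name, s.QuotingDisabled)}");
    }
}
```

The check is deliberately conservative: it matches on the name as written and does not resolve the file through the search path.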