google-site-verification: google30a059f9a075f398.html

Plugins for Popular Text Editors Could Help Hackers Gain Elevated Privileges

CyberWisdom Safe Harbor Commentary on Text Editors:

Today I came across this story from thehackernews.com that calls out a hidden fact that SafeBreach Researcher Dor Azouri analyzed several popular plugins on  text editors for Unix and Linux systems, including Sublime, Vim, Emacs, Gedit, and pico/nano, and found that they are all vulnerable to serious privilege other than pico/nano. Upgrade vulnerabilities This may be exploited by attackers to run malicious code on the victim’s machine.
“This method will succeed regardless of the file being opened in the editor, so even the restrictions normally used in the sudo command may not protect it,” the document reads [pdf]
“Technology users occasionally need to edit all files in the root directory, and for that purpose they will use ‘sudo’ to open their editors with elevated privileges. There are many valid reasons to increase editor permissions.”
The problem lies in the way these text editors load plugins. According to the researchers, the separation between normal mode and advanced mode was insufficient when loading plug-ins for these editors.
Their folder privilege integrity cannot be maintained properly, which opens the door for attackers to provide regular user rights to increase their privileges and execute arbitrary code on the user’s computer.

A simple malvertising campaign may allow attackers to spread malicious extensions to vulnerable text editors, allowing them to run malicious code with higher privileges, install malware, and remotely control the target computer.
Azouri recommends that Unix users can use the open source host-based intrusion detection system OSSEC to proactively monitor system activity, file integrity, logs, and processes.
Users should avoid loading third-party plug-ins when the editor is promoted and denying write access to non-elevated users.
Azouri recommends that developers of text editing change the folder and file permissions model to complete the separation between normal mode and advanced mode and, if possible, provide the user with a manual interface to approve the upgraded plug-in loading.

Read more…

Whether you’re a developer, designer or a writer, a good text editor always help you save time and make you work more efficiently. For example, I use Sublime a lot while programming because it includes some useful tools like ‘syntax highlighting’ and ‘autocomplete’ that every advanced text editor should have. Moreover, these advanced text editors also offer users extensibility, allowing… Engaging post, Read More…

thumbnail courtesy of thehackernews.com

If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post » Plugins for Popular Text Editors Could Help Hackers Gain Elevated Privileges