LxssManager (LxssManager)ID: oval:org.secpod.oval:def:80601 | Date: (C)2022-06-02 (M)2023-12-13 |
Class: COMPLIANCE | Family: windows |
The LXSS Manager service supports running native ELF binaries. The service provides the
infrastructure necessary for ELF binaries to run on Windows.
Note: This service is not installed by default. It is supplied with Windows, but is installed
by enabling an optional Windows feature (Windows Subsystem for Linux).
The Linux SubSystem (LXSS) Manager allows full system access to Linux applications on
Windows, including the file system. While this can certainly have some functionality and
performance benefits for running those applications, it also creates new security risks in
the event that a hacker injects malicious code into a Linux application. For best security, it
is preferred to run Linux applications on Linux, and Windows applications on Windows.
Default: Not Installed (Manual when installed)
Counter Measure:
The recommended state for this setting is Disabled or Not Installed.
Potential Impact:
The Linux SubSystem will not be available, and native ELF binaries will no longer run.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\System Services\LxssManager
(2) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LxssManager!Start
Platform: |
Microsoft Windows 10 |