WSL (Windows Subsystem for Linux), Microsoft's network security toolkit that allows users to run Linux natively on Windows without needing a dual-boot setup, underwent significant enhancements and updates in May 2024. These changes bring numerous security and user experience benefits.
Let's examine the changes made to WSL and discuss security best practices you can easily implement to improve its security further.
What Changes Has Microsoft Made to WSL This Month?
Microsoft Defender for Endpoint support and secure authentication with Entra ID integration. Dev Home now also allows users to manage WSL distros, launch development environments, and utilize features like Sudo for Windows and an AI-powered quickstart playground, providing Linux admins with enhanced functionality, security, and an overall better development experience. These updates give Linux administrators increased functionality and provide a better user experience.
Let's explore these recent changes in mode detail:
- Memory, Storage, and Networking Improvements: Improvements have been implemented for memory management, storage space reclamation, and networking support. These improvements include automatically releasing stored memory back to Windows and setting default settings for memory reclamation, plus enhanced networking features.
- WSL Settings GUI Application: The WSL Settings GUI will soon be unveiled. It will simplify the customization and management of settings within WSL. With labeled categories for settings, this interface should simplify configuring configurations for end-users.
- WSL Zero Trust: The Windows Subsystem for Linux now operates under Zero-Trust principles, and new features and support have been introduced to provide additional security benefits to enterprises using WSL. These include Defender for Endpoint support for WSL 2, Linux Intune agent integration to manage settings, and Microsoft Entra ID integration for authentication purposes.
- Dev Home Environments feature: Environments is a new feature within Dev Home that allows users to manage, launch, and create development environments, including WSL distros, within the Dev Home platform, further enriching the development experience.
- Bonus Improvements: Additional enhancements include the introduction of 'Sudo for Windows,' which allows users to utilize sudo commands in Windows for certain commands that use sudo privileges. Furthermore, an AI-powered quickstart playground feature within Dev Home enables users to set up Linux development environments using AI-generated prompts quickly.
Practical Advice for Strengthening WSL Security
- Update all the apps in your custom virtual image to the latest versions.
- Use a disaster recovery and business continuity strategy to protect your data during unforeseeable outages.
- Protect your network from threats using anti-malware software from reputable vendors.
- Use JIT VM access (just-in-time) to restrict traffic entering management ports.
- Create network security groups and set up rules to govern the screen traffic so that you can quickly address cybersecurity vulnerabilities.
- Install Microsoft Defender for Endpoint, which uses behavioral sensors to collect behavioral signals and analyze them. MDE alerts Microsoft analysts when it detects threats. They analyze the risks and offer remediation measures. You must usually disconnect the compromised devices while maintaining a connection with MDE to monitor your server.
Our Final Thoughts on the Recent Changes Made to WSL
The recent changes Microsoft has made to WSL are significant and will greatly improve users' and developers' experience and level of security using WSL. By engaging in the practical tips and security best practices we've discussed, users can further bolster the security of their WSL environment to protect against vulnerabilities and exploits. For more practical Linux security tips, information, and updates, be sure to subscribe to our Linux Security Week and Linux Advisory Watch newsletters.
Stay safe out there, WSL users!