134
Critical Rust flaw enables Windows command injection attacks
(www.bleepingcomputer.com)
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Follow the wormhole through a path of communities !webdev@programming.dev
But it got a 10/10 on the scoring system by Github.
The issue isn't actually too much related to the Rust core language itself, but rather how they handle scripts on Windows platform. So if you don't have a Windows program that runs Batch scripts, then it doesn't matter to you. I wonder how common it is to run Batch scripts in Rust?
This only matters when running the scripts with user inputs passed as arguments to the command, which I can't imagine being remotely common at all.
I don't think my company uses batch scripts anywhere, but if they did, it would probably be in the app installer for Windows or something.