Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications.
Superuser do, or sudo, is a Linux console program that allows low-privileged users to execute a command with elevated privileges, usually as root.
This command offers increased security in Linux as servers can be used normally under low-privileged accounts while still allowing users to elevate their privileges as needed when running specific commands.
An example of the sudo command is shown below, where we run 'whoami' as a low-privileged user and then run it using sudo.
Notice that the whoami command shows that I am running it as the bleeping user.
When I execute whoami with sudo, it elevates my privileges to root.
Microsoft released the first Windows Server 2025 Insider preview build last week.
Soon after, a newer version was leaked online.
As first reported by Windows Latest, the leaked version contains some new in-development features, including new settings for a Windows 'sudo' command.
These settings are only available after enabling developer mode, and the sudo command does not currently work from the command line yet, showing it is early in development.
The sudo settings provide some clues as to how the command will work, with the ability to run sudo applications 'In a new windows', 'With input disabled', and 'Inline'.
Windows already offers the ability to elevate programs automatically using UAC prompts, causing the programs to run with elevated privileges in their own window.
Some administrative tools, such as bcdedit and reagentc, require you to be an administrator to run these commands.
In these cases, the sudo command will allow the programs to run based on its Windows settings, such as in a new window, inline in the current window, or possibly in a non-interactive shell using the disabled input setting.
It is important to note that Microsoft commonly tests new features in preview builds that do not make it into the production builds.
It will be interesting to see how Microsoft integrates this feature into Windows and will be something to keep an eye on.
New 'Looney Tunables' Linux bug gives root on major distros.
Russian hackers exploiting Outlook bug to hijack Exchange accounts.
New Linux glibc flaw lets attackers get root on major distros.
Exploit released for Android local elevation flaw impacting 7 OEMs..
This Cyber News was published on www.bleepingcomputer.com. Publication date: Sun, 04 Feb 2024 17:30:12 +0000