- Plugins for Popular Text Editors Could Help Hackers Gain Elevated Privileges
A text editor is a type of computer program that edits plain text. The advanced text editors also offer users extensibility, allowing users to install and run third-party plugins to extend the editor’s functionality and most importantly its scope. According to the latest report the most famous text editor is vulnerable to privilege escalation. SafeBreach researcher Dor Azouri analyzed several popular extensible text editors for UNIX and Linux systems, including Sublime, Vim, Emacs, Gedit, and pico/nano, and found that except for pico/nano, all of them are vulnerable to a critical privilege escalation flaw that could be exploited by attackers to run malicious code on a victims’ machines. Their folder permissions integrity is not maintained correctly, which opens the door for attackers with regular user permissions to elevate their privileges and execute arbitrary code on the user’s machine. An attacker can use malvertising campaign to spread malicious extension for vulnerable text editors, enabling them to run malicious code with elevated privileges, install malware and remotely take full control of targeted computers.
Cyber security Tips: Users are strongly recommended that avoid loading 3rd-party plugins when the editor is elevated and also deny write permissions for non-elevated users and developers of text editors to change the folders and file permission models to complete the separation between regular and elevated modes and if possible, provide a manual interface for users to approve the elevated loading of plugins.