From DSLReports comes this interesting read. Windows 10’s Built-In Linux Shell Could Be Abused to Hide Malware, Researchers Say - Motherboard
" As it stands now, {Windows Subsystem for Linux} or WSL is not turned on by default and users need to enable "development mode" on their systems in order to use it."
This feature was added in beta with the anniversary update in 2016 and will become a fully supported feature in the fall update on or about October 17th.
I don't know a thing about Linux so, those of you who do can give us Linux noobs the skinny.
The one thing that stood out for me was that, so far as this article says, only Symantec has scanners that can recognize this stuff. And Kaspersky has said that they will adapt their scanners to be able to spot it.
So, I have switched from Windows Defender back to Norton Security Suite for the time being.
And now I'm off to make another set of backups to replace the ones I made this morning.

Microsoft must know about this vulnerability so what if anything are they going to do to improve security? Being an IT Luddite, I haven't yet upgraded to the CU so I'm 'safe' so far.

This isn't considered an actual security vulnerability as you are required to have admin rights to use this. The prerequisite elevation of privilege is the actual security boundary.

This is not crossing an access check at all, there is no compromise of the security guarantees windows tries to give. This is something that will be useful to attackers post exploitation, not an actual vulnerability to exploit. Once you have local admin, the security game is over.

While I disagree with Microsoft on how they handle a number of things such as UAC and AppLocker bypasses, I think Raymon Chen's article series is fairly fitting here:

It rather involved being on the other side of this airtight hatchway: Invalid parameters from one security level crashing code at the same security level The Old New Thing.

ZDnet's take http://www.zdnet.com/article/check-p...-linux-attack/