Mullvad VPN officials announced that they had discovered a security problem in Windows 10 and more specifically, in the most recent version of the Windows subsystem for Linux (WSL2), whose connections, apparently, bypass the native Windows 10 firewall (and with it , any rule that we have been able to configure in it) causing some Internet Traffic.
Their product includes an option that uses the firewall to block any Internet access unless connected to the VPN, but a user let them know that, even with their VPN disabled, their Linux installation on WSL2 still connected without problems to the Internet.
Where does this internet traffic problem come from?
The problem originates from the fact that WSL 1 did not use a real Linux kernel, but rather an adaptation that translated calls to the Linux system into calls to the Windows 10 NT kernel, but when WSL 2 arrived, it started using a real Linux kernel that runs on a Hyper-V virtual machine, with its corresponding virtual network adapter.
Since the goal of WSL2 was to function as a standalone operating system as much as possible, it makes sense for it to work this way, but users also need to be aware of this change in behavior and know how to secure their connections from the subsystem.
The good news is that this allows you to use Linux’s own firewalls, such as the famous and old Iptables or the more modern Nftables, to control network traffic, so it is not all bad news so you can take advantage of this although of course that has already been a decision that each one makes and of course this would solve the internet traffic.
