From ThreatPost:
‘VENOM’ Flaw in Virtualization Software Could Lead to VM Escapes, Data Theft
Researchers have uncovered a vulnerability in an obscure component of many virtualization platforms that they say can allow an attacker to escape from a guest virtual machine and gain code execution on the host, as well as any other VMs operating on that machine. Experts say the bug affects a wide variety of virtualization software running on all major operating systems.
Update:
According to Dan Kaminsky via Slashdot it appears that VMware, Hyper-V & Bochs are unaffected by this.
No comments:
Post a Comment