10 new vulnerabilities discovered in vm virtualbox
Table of contents:
Oracle has released a patch to fix ten vulnerabilities in VirtualBox that allow attackers to escape 'guest' operating systems and attack the host operating system that VirtualBox is running on.
VM VirtualBox solves your serious security problems
Exploits using this method, known as "virtual machine escape", have been the subject of intense interest by security experts after their disclosure in 2015.
The vulnerabilities are published as; CVE-2018-2676, CVE-2018-2685, CVE-2018-2686, CVE-2018-2687, CVE-2018-2688, CVE-2018-2689, CVE-2018-2690, CVE-2018-2693, CVE- 2018-2694, and CVE-2018-2698 . While they all share the same effect, the method involved - and subsequently the ease with which attackers can exploit the vulnerability - varies by type.
Anyone using VirtualBox is potentially vulnerable to the CVEs listed above, although some of the reported vulnerabilities are specific to the operating systems running on the host. Newly released patches are available in the latest version (5.2.6), as well as the old version (5.1.32).
The developers of this application recommend that all users who run code - unreliable - on guest VMs, update the application urgently.
Although VirtualBox is a popular general-purpose application, it is most commonly used for desktop virtualization. Compared to other apps, the Oracle application has more extensive and reliable support for non-commonly used guest operating systems, such as OS / 2 or Haiku. Support for the VirtualBox guest controller is also being integrated into the Linux kernel, starting with version 4.16.
They can be updated from the same application.
Vulnerabilities discovered in foscam brand ip cameras
Vulnerabilities discovered in Foscam brand IP cameras. Find out more about the problems that affect Foscam cameras.
Eight new vulnerabilities discovered in intel processors
Eight new vulnerabilities have been discovered in Intel processors, four of them are especially serious, more even than Specter.
Amd responds to vulnerabilities discovered in cpus ryzen
AMD has responded on the issue, fully minimizing the impact of these side channel vulnerabilities.