VENOM, CVE-2015-3456, is a security vulnerability

Discussion in 'Industry News' started by Enterprisevpssolutions, May 18, 2015.

Thread Status:
Not open for further replies.
  1. Enterprisevpssolutions

    Enterprisevpssolutions Article Submitter Verified Provider

    242
    29
    May 22, 2013
    Not sure if you guys new about the issue yet just wanted to give you guys a heads up as I was updating my systems and found this on the alert.

    More info on this site link below a little snippet of info from the site about the security issue.

    http://venom.crowdstrike.com/

    VENOM, CVE-2015-3456, is a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems.

    Exploitation of the VENOM vulnerability can expose access to corporate intellectual property (IP), in addition to sensitive and personally identifiable information (PII), potentially impacting the thousands of organizations and millions of end users that rely on affected VMs for the allocation of shared computing resources, as well as connectivity, storage, security, and privacy.
     
  2. kcaj

    kcaj New Member

    117
    44
    Apr 30, 2014
    No flies on you.
     
  3. HalfEatenPie

    HalfEatenPie The Irrational One Retired Staff

    2,890
    1,386
    Mar 25, 2013
    HalfEatenPie
    Howdy!

    Thanks for the heads up! However I'm going to close this thread and redirect people to the original thread made a week ago here: 
     
    MannDude likes this.
Thread Status:
Not open for further replies.