https://thehackernews.com/2018/11/virtualbox-zero-day-exploit.html
Here is an interesting story on Oracles Virtual box. It turns out researchers have found a weakness that allows attackers to gain root access from the guest OS and execute code on the host OS.
According to the researchers, the vulnerability allows an attacker or a malicious program with root or administrator rights in the guest OS to escape and execute arbitrary code in the application layer (ring 3) of the host OS, which is used for running code from most user programs with the least privileges.
Following successful exploitation, the researcher believes an attacker can also obtain kernel privileges (ring 0) on the host machine by exploiting other vulnerabilities.
Leave a Reply
You must be logged in to post a comment.