An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox—a popular open source virtualization software developed by Oracle—that could allow a malicious program to escape virtual machine (guest OS) and execute code on the operating system of the host machine.
The vulnerability occurs due to memory corruption issues and affects Intel PRO / 1000 MT Desktop (82540EM) network card (E1000) when the network mode is set to NAT (Network Address Translation).
The flaw is independent of the type of operating system being used by the virtual and host machines because it resides in a shared code base.
The vulnerability allows an attacker or a malicious program with root or administrator rights in the guest OS to escape and execute arbitrary code in the application layer (ring 3) of the host OS, which is used for running code from most user programs with the least privileges.
However, until it is patched, users can protect themselves against potential cyber attacks by changing the network card of their “virtual machines to PCnet (either of two) or to Paravirtualized Network.”
https://thehackernews.com/2018/11/virtualbox-zero-day-exploit.html
Leave a Reply
You must be logged in to post a comment.