VENOM - Major exploit affecting most VPS's (Xen, KVM, etc.)

[Mouth]

If you have a VPS, then strongly suggest you check with your hosting provider that they are urgently mitigating this newly released major exploit.

"a security vulnerability in the virtual floppy drive code used by many computer virtualization platforms. This vulnerability may allow an attacker to escape from the confines of an affected virtual machine (VM) guest and potentially obtain code-execution access to the host. Absent mitigation, this VM escape could open access to the host system and all other VMs running on that host, potentially giving adversaries significant elevated access to the host’s local network and adjacent systems."

More: http://venom.crowdstrike.com

 

[EQnoble]

Emulate a floppy drive, take over a server...seems legit. Either way I'm patched.

 

[Tower]

Might add as well,

In XSA-133, which is the Xen Security Advisory that provides details related to this vulnerability, it states that “Systems running only x86 PV guests are not vulnerable”. This vulnerability applies to QEMU guests on KVM and XEN HVM Guests.

For linode customers,
Should not be affected.

https://blog.linode.com/2015/05/13/venom-cve-2015-3456-vulnerability-and-linode/

 

[Rusty Snippets]

I was just clicking over to my homepage, when my Malwarebytes Anti-Exploit tool popped up this message.............





I have no idea if this is related or not, but I briefly saw an Adobe error at the top of the page before clicking away too quickly. It's a brand new site, could have just been a fluke.

 

[D.O.A.]

I like how malware gets its own themeforest theme these days.

Heartbleed didn't have enough infograph.jpg so this new one pleases me.