How to protect against zero-day vulnerability in VirtualBox

by | Nov 9, 2018

ETIQUETAS: Hot news | Security

Security researcher Sergey Zelenyuk has discovered a zero-day vulnerability in VirtualBox, the Open Source virtualization software developed by Oracle. This failure allows malware to leave the virtual machine and execute malicious code on the host OS that runs the VirtualBox process.

A memory corruption problem affecting the Intel PRO / 1000 MT Desktop network card (82540EM) (E1000) when the network mode is set to NAT is the cause of this vulnerability. It is independent of the operating system of both the host and the virtual machine, so users of any OS could be in danger.

According to Zelenyuk, all versions of VirtualBox prior to the newly released 5.2 have this security flaw, which is found in the default configuration of all virtual machines. The security expert published this video in which he explains this vulnerability in detail and how to exploit it.

To protect against possible attacks, it is recommended to update to the new version of VirtualBox that has been released today. It can be downloaded from the official VirtualBox website *.

Source: Tekcrispy.



Submit a Comment

Your email address will not be published. Required fields are marked *

Recent posts


Stay up to date with all the news from UDS ENTERPRISE through our social networks. Follow us!

Skip to content