An Interest In:
Web News this Week
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
- April 12, 2024
July 30, 2016 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/QVsbjJZIb7Q/xen-vulnerability-allows-hackers-to-escape-qubes-os-vm-and-own-the-host
Xen Vulnerability Allows Hackers To Escape Qubes OS VM And Own the Host
Slashdot reader Noryungi writes: Qubes OS certainly has an intriguing approach to security, but a newly discovered Xen vulnerability allows a hacker to escape a VM and own the host. If you are running Qubes, make sure you update the dom0 operating system to the latest version. "A malicious, paravirtualized guest administrator can raise their system privileges to that of the host on unpatched installations," according to an article in IT News, which quotes Xen as saying "The bits considered safe were too broad, and not actually safe." IT News is also reporting that Qubes will move to full hardware memory virtualization in its next 4.0 release. Xen's hypervisor "is used by cloud giants Amazon Web Services, IBM and Rackspace," according to the article, which quotes a Qubes security researcher who asks the age-old question. "Has Xen been written by competent developers? How many more bugs of this caliber are we going to witness in the future?"Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/QVsbjJZIb7Q/xen-vulnerability-allows-hackers-to-escape-qubes-os-vm-and-own-the-host
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot