VENOM Vulnerability Leaves Virtual Environments Open to Attack

The latest major vulnerability is circling the drain, this one impacts the virtual environments used to stitch the Cloud together.

VENOM, as it has been dubbed, is a creatively crafted acronym for Virtualized Environment Neglected Operations Manipulation and represents a hole in the virtual floppy drive code for a host of virtualization platforms. The impact of this vulnerability allows an attacker to bypass the VM guest mode and gain access directly to code-execution on the host, which in turn gives access to the entire farm of VMs sitting on the network.

Many VM platforms are suspect, but many of the platform vendors have already made patches available or at least begun to communicate advisories and communications. You can find the list of known advisories and patches, including affected platforms on the official VENOM page here: http://venom.crowdstrike.com/

For those wondering, the two most popular virtualization platforms, VMware and Microsoft Hyper-V, are not impacted by this vulnerability.

The bug has existed since the original Floppy Disk Controller code was first created in 2004. Active exploits have not surfaced in the wild yet.