Home – New Forums Tech talk VENOM – New Computer Security Threat

  • This topic is empty.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #991730
    Gizmo
    Member
    • Total posts: 731
    Up
    0
    ::

    Hello Flyingsoloians!

    If you business uses virtualized computers please get a hold of your IT person ASAP.
    From what I have read this is a VERY big security threat with very BIG repercussions.

    #1183006
    TehCamel
    Member
    • Total posts: 873
    Up
    0
    ::

    – Legacy floppy disk controller. You shouldn’t ever virtualise this unless you have an actual need for it anyway
    – VMware andHyperV aren’t vulnerable. (These the the primary hypervisors in use by many businesses. The sorts that use Xen and Kvm would be all over it – people who use virtualbox are, hopefully, not using it for production)

    #1183007
    Divert To Mobile
    Member
    • Total posts: 2,751
    Up
    0
    ::

    It reminds me of an exploit I heard about against online servers using a windows 98 internet explorer browser.

    Steve

    #1183008
    TehCamel
    Member
    • Total posts: 873
    Up
    0
    ::
    tameka7, post: 214831, member: 67895 wrote:
    New security vulnerability is putting risk to all the computer machines. It is called venom a new security threat and the most odd thing, it exploit the vulnerability in something that no one use the floppy drive.The greater risks is that it allows the cybercriminal to access the host machine.

    Actually… this is not correct. It exploits a vulnerability in SOME instances, of Virtual Floppy Disk Drivers for virtual guests. In most circumstances (especially the kinds using qemu etc) vFDC are rarely used.

    It doesn’t affect “all the computer machines” either – it’s quite specific in what it affects and it doesn’t affect the kinds of platforms that would commonly be employed by small businesses (Vmware, HyperV are both immune.)

    #1183009
    Anonymous
    Guest
    • Total posts: 11,464
    Up
    0
    ::

    Hi Andy,

    The comment you’re referring to was posted by a spammer, and has been removed now.

    Apologies for the inconvenience,
    Jayne

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.