VMware patched a number of its products vulnerability to an XML External Entities vulnerability in the Apache Flex BlazeDS product integrated into VMware.
Browsing Category: Virtualization
Microsoft addressed an issue in its hypervisor, Hyper-V, this week, that could lead to a denial of service condition.
Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more.
Xen patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system.
Amazon announced the release of Inspector, an application-scanning tool for apps running in EC2 instances that looks for compliance levels and vulnerabilities introduced during development.
The Xen Project has patched a serious vulnerability that could allow an attacker in a guest virtual machine to escape and gain the ability to run arbitrary code on the host machine. The vulnerability is in the QEMU open source machine emulator that ships as part of the Xen hypervisor. The problem is related to the[…]
Dennis Fisher and Mike Mimoso talk about the VENOM vulnerability, the idea of marketing bugs, Microsoft’s new Edge browser security features and the awesome CSI: Cyber finale.
Dennis Fisher talks with Dan Kaminsky about the VENOM bug, the value of virtual machine escapes, why everyone wants to make every bug the worst one of all time or just a bunch of hype and what the Avengers have to do with vulnerability disclosure.
Researchers have uncovered a vulnerability in an obscure component of many virtualization platforms that they say can allow an attacker to escape from a guest virtual machine and gain code execution on the host, as well as any other VMs operating on that machine. Experts say the bug affects a wide variety of virtualization software[…]
VMware has issued an update to a number of its products fixing an information disclosure bug in Oracle’s Java runtime environment.