Dugre says that the vulnerability is easy to leverage, and his exploit confirms this as it consists of just three lines of Python code.
The vulnerability was reported responsibly to Docker, who responded quickly and addressed it in a new Docker Desktop version, 4.44.3, released last week.
Critical Docker Desktop flaw lets attackers hijack Windows hosts
Submitted 1 month ago by KarnaSubarna@lemmy.ml to selfhosted@lemmy.world
Comments
Jakeroxs@sh.itjust.works 1 month ago
SnotFlickerman@lemmy.blahaj.zone 1 month ago
Sucks to suck, Windows.
chunkystyles@sopuli.xyz 1 month ago
I run Rancher Desktop on Windows… But only because my company won’t let me use Linux, and I only use it for Dev and testing.
All that to say, I have no idea why else you would be running a container engine on a Windows host.
dataprolet@discuss.tchncs.de 1 month ago
Windows? Pfff!