Dugre says that the vulnerability is easy to leverage, and his exploit confirms this as it consists of just three lines of Python code.
The vulnerability was reported responsibly to Docker, who responded quickly and addressed it in a new Docker Desktop version, 4.44.3, released last week.
Critical Docker Desktop flaw lets attackers hijack Windows hosts
Submitted 2 months ago by KarnaSubarna@lemmy.ml to selfhosted@lemmy.world
Comments
Jakeroxs@sh.itjust.works 2 months ago
SnotFlickerman@lemmy.blahaj.zone 2 months ago
Sucks to suck, Windows.
chunkystyles@sopuli.xyz 2 months ago
I run Rancher Desktop on Windows… But only because my company won’t let me use Linux, and I only use it for Dev and testing.
All that to say, I have no idea why else you would be running a container engine on a Windows host.
dataprolet@discuss.tchncs.de 2 months ago
Windows? Pfff!