Dugre says that the vulnerability is easy to leverage, and his exploit confirms this as it consists of just three lines of Python code.
The vulnerability was reported responsibly to Docker, who responded quickly and addressed it in a new Docker Desktop version, 4.44.3, released last week.
Critical Docker Desktop flaw lets attackers hijack Windows hosts
Submitted 3 weeks ago by KarnaSubarna@lemmy.ml to selfhosted@lemmy.world
Comments
Jakeroxs@sh.itjust.works 3 weeks ago
SnotFlickerman@lemmy.blahaj.zone 3 weeks ago
Sucks to suck, Windows.
chunkystyles@sopuli.xyz 3 weeks ago
I run Rancher Desktop on Windows… But only because my company won’t let me use Linux, and I only use it for Dev and testing.
All that to say, I have no idea why else you would be running a container engine on a Windows host.
dataprolet@discuss.tchncs.de 3 weeks ago
Windows? Pfff!