VENOM

Great question Ichiban :)

There is a lot of chatter on the web right now concerning VENOM however, luckily we are not vulnerable. VENOM, CVE-2015-3456 is a QEMU FDC (floppy disk controller) vulnerability primarily effecting Xen and KVM. Our current virtualization technologies are Virtuozzo and OpenVZ which leaves us unaffected.

Keep in mind that while controlled execution of arbitrary code is possible there have been no reported exploits. The vulnerability requires root or admin privledges on the guest operating system leaving it unattractive as an attack against the VPS itself. Should VPS users be worried about an attacker targeting their server? Not likely, this is more of a concern for the VPS provider or someone running the virtualization software on a dedicated server.
 
Top