It’s September 2018, and Windows VMs can pwn their host servers by launching an evil app

In total, Microsoft addressed 61 CVE-listed vulnerabilities this month, including 23 that would potentially allow for remote code execution. One of the more noteworthy of those bugs is CVE-2018-8475, a remote code flaw that can be triggered simply by viewing an image file in Windows. While no exploits are out, Microsoft warns that details on the vulnerability are already public.

View Full Article