In mid-May, Crowdstrike security researcher, Jason Geffner, discovered a new vulnerability in QEMU’s virtual Floppy Disk Controller. VENOM (CVE-2015-3456), an acronym for “Virtual Environment Neglected Operations Manipulation,” was considered a serious vulnerability, but some security experts disagreed on its severity.
How does VENOM compare to other high profile vulnerabilities?
Listen to our latest security slice podcast and hear Tim Erlin, Tyler Reguly, Ken Westin and Lane Thames discuss how VENOM works, how to separate media hype from serious threats and why extensive marketing and PR for vulnerabilities can have actually yield positive security results.
CLICK HERE TO LISTEN TO THE PODCAST
- Security Slice: To Notify or Not to Notify
- Security Slice: High Risk Healthcare
- Security Slice: Monitoring the Monitors
- Security Slice: The CAPTCHA Arms Race