Even as people are still patching Heartbleed, another zero day bug called Venom, has surfaced, that leaves almost all data centers vulnerable to hackers. Heartbleed is a bug where hackers can use memory overflow to compromise computers. It had been there for long and was recently discovered. Some companies issued patches while others were still working on the patches at the time of writing this report.
Coming to Venom, it can compromise entire servers of data centers and thus, can access data of all the companies stored on the servers. With Heartbleed, it was like looking into a house from a window. With Venom, it is like breaking into a house and not only that, but also being able to break into the houses of neighbors.
It is well known that most data centers share servers to store data pertaining to different companies. They use virtualization to create different sections on the servers and then store their data in different virtualized sections.
Venom stands for Virtualized Environment Neglected Operations Manipulation. The bug is said to have been present since 2004 and is zero day, meaning it can be manipulated anytime. The best of Hypervisor systems including Xen, KVM and Oracle’s Virtual Box are also affected due to the buggy code. Microsoft’s Hyper V and VMware are not as much vulnerable as other virtualization software.
The fact that data centers create different virtualized environments to store data of different companies on same servers make it more dangerous because if one environment is compromised due to the buggy code, it becomes easier for cybercriminals to take over all other virtualized environments on the same server – irrespective of the different operating systems running on the virtualizations. All it takes for cybercriminals is to gain root access of the servers to manipulate all the environments created on them.
The companies – Oracle, Xen etc. – have not yet issued any patch for the venom bug but they accept that the flaw exist. Crowdstrike, the discoverer of the bug, says it could be the biggest bug discovered in the year 2015. The virtualization service providers have issued security advisories but are yet to issue patches.
