{"id":3372,"date":"2015-05-15T18:50:03","date_gmt":"2015-05-15T18:50:03","guid":{"rendered":"http:\/\/www.deltamatica.it\/?p=3372"},"modified":"2017-08-14T21:39:01","modified_gmt":"2017-08-14T21:39:01","slug":"server-security-poisonous-threat","status":"publish","type":"post","link":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/","title":{"rendered":"Server security: a poisonous threat"},"content":{"rendered":"
\n
\n
\n
\n
\n
After heartbleed, a breakthrough new vulnerability has emerged in some of the world’s leading virtualization platforms, powering millions of VPS<\/strong> hosting contracts, virtual private servers, and shared hosting. <\/span>This is Virtualized Environment Neglected Operations Manipulations<\/em> (VENOM, English poison), which allows those who know how to exploit it to control of not only the virtual machine affected by the bug but also all those on the same hypervisor. <\/span>By analogy, if someone with Heartbleed had the chance to enter your home and take possession of it, now VENOM can take control of your home and neighborhood.<\/span><\/span><\/span><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

<\/p>\n

\"\"<\/a>The source of this vulnerability is a buffer overflow<\/em> in the virtual floppy disk controller. <\/span>The bug is present since 2004 in the open source QEMU<\/strong> emulator, whose legacy controller is now used in Xen, KVM, and Virtualbox<\/strong> virtualization platforms. <\/span>Bochs, VMWare, and Microsoft Hyper-V are immune to the bug.<\/span><\/span><\/p>\n

Upcoming updates of affected platforms will introduce corrections to bugs already announced; m<\/span>eanwhile, the easiest remedy is to disable the floppy driver on the virtualization platform. <\/span>On the other hand in 2015 you can do without the floppy in most cases.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

After heartbleed, a breakthrough new vulnerability has emerged in some of the world’s leading virtualization platforms, powering millions of VPS hosting contracts, virtual private servers, and shared hosting. This is Virtualized Environment Neglected Operations Manipulations (VENOM, English poison), which allows those who know how to exploit it to control of not only the virtual machine […]<\/p>\n","protected":false},"author":2,"featured_media":3373,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38],"tags":[39],"class_list":["post-3372","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-security"],"yoast_head":"Server security: a poisonous threat | Deltamatica di Raffaele D'Elia | international Web and SEO Agency<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Server security: a poisonous threat | Deltamatica di Raffaele D'Elia | international Web and SEO Agency\" \/>\n<meta property=\"og:description\" content=\"After heartbleed, a breakthrough new vulnerability has emerged in some of the world’s leading virtualization platforms, powering millions of VPS hosting contracts, virtual private servers, and shared hosting. This is Virtualized Environment Neglected Operations Manipulations (VENOM, English poison), which allows those who know how to exploit it to control of not only the virtual machine […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/\" \/>\n<meta property=\"og:site_name\" content=\"Deltamatica di Raffaele D'Elia | international Web and SEO Agency\" \/>\n<meta property=\"article:publisher\" content=\"\/www.facebook.com\/deltamatica\" \/>\n<meta property=\"article:published_time\" content=\"2015-05-15T18:50:03+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2017-08-14T21:39:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/venom.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"732\" \/>\n\t<meta property=\"og:image:height\" content=\"915\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admindmt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@deltamatica\" \/>\n<meta name=\"twitter:site\" content=\"@deltamatica\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admindmt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/\"},\"author\":{\"name\":\"admindmt\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#\\\/schema\\\/person\\\/4cda3ae52960dda1733d1f34aa70997c\"},\"headline\":\"Server security: a poisonous threat\",\"datePublished\":\"2015-05-15T18:50:03+00:00\",\"dateModified\":\"2017-08-14T21:39:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/\"},\"wordCount\":191,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.deltamatica.it\\\/wp-content\\\/uploads\\\/2017\\\/03\\\/venom.jpg\",\"keywords\":[\"security\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/\",\"url\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/\",\"name\":\"Server security: a poisonous threat | Deltamatica di Raffaele D'Elia | international Web and SEO Agency\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.deltamatica.it\\\/wp-content\\\/uploads\\\/2017\\\/03\\\/venom.jpg\",\"datePublished\":\"2015-05-15T18:50:03+00:00\",\"dateModified\":\"2017-08-14T21:39:01+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.deltamatica.it\\\/wp-content\\\/uploads\\\/2017\\\/03\\\/venom.jpg\",\"contentUrl\":\"https:\\\/\\\/www.deltamatica.it\\\/wp-content\\\/uploads\\\/2017\\\/03\\\/venom.jpg\",\"width\":732,\"height\":915},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/server-security-poisonous-threat\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Server security: a poisonous threat\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/\",\"name\":\"Deltamatica di Raffaele D'Elia | international Web and SEO Agency\",\"description\":\"Web marketing, SEO e Digital Media\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#organization\",\"name\":\"Deltamatica di D'Elia Raffaele\",\"url\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.deltamatica.it\\\/wp-content\\\/uploads\\\/2017\\\/03\\\/logo-deltamatica.png\",\"contentUrl\":\"https:\\\/\\\/www.deltamatica.it\\\/wp-content\\\/uploads\\\/2017\\\/03\\\/logo-deltamatica.png\",\"width\":300,\"height\":69,\"caption\":\"Deltamatica di D'Elia Raffaele\"},\"image\":{\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"\\\/www.facebook.com\\\/deltamatica\",\"https:\\\/\\\/x.com\\\/deltamatica\",\"https:\\\/\\\/it.linkedin.com\\\/in\\\/raffaeledelia\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.deltamatica.it\\\/en\\\/#\\\/schema\\\/person\\\/4cda3ae52960dda1733d1f34aa70997c\",\"name\":\"admindmt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f10266d7bd077a7ee486c4ea105ecf227ce6a7e0fd209f2f13177026fa1a4a44?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f10266d7bd077a7ee486c4ea105ecf227ce6a7e0fd209f2f13177026fa1a4a44?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f10266d7bd077a7ee486c4ea105ecf227ce6a7e0fd209f2f13177026fa1a4a44?s=96&d=mm&r=g\",\"caption\":\"admindmt\"}}]}<\/script>","yoast_head_json":{"title":"Server security: a poisonous threat | Deltamatica di Raffaele D'Elia | international Web and SEO Agency","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/","og_locale":"en_US","og_type":"article","og_title":"Server security: a poisonous threat | Deltamatica di Raffaele D'Elia | international Web and SEO Agency","og_description":"After heartbleed, a breakthrough new vulnerability has emerged in some of the world’s leading virtualization platforms, powering millions of VPS hosting contracts, virtual private servers, and shared hosting. This is Virtualized Environment Neglected Operations Manipulations (VENOM, English poison), which allows those who know how to exploit it to control of not only the virtual machine […]","og_url":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/","og_site_name":"Deltamatica di Raffaele D'Elia | international Web and SEO Agency","article_publisher":"\/www.facebook.com\/deltamatica","article_published_time":"2015-05-15T18:50:03+00:00","article_modified_time":"2017-08-14T21:39:01+00:00","og_image":[{"width":732,"height":915,"url":"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/venom.jpg","type":"image\/jpeg"}],"author":"admindmt","twitter_card":"summary_large_image","twitter_creator":"@deltamatica","twitter_site":"@deltamatica","twitter_misc":{"Written by":"admindmt","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/#article","isPartOf":{"@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/"},"author":{"name":"admindmt","@id":"https:\/\/www.deltamatica.it\/en\/#\/schema\/person\/4cda3ae52960dda1733d1f34aa70997c"},"headline":"Server security: a poisonous threat","datePublished":"2015-05-15T18:50:03+00:00","dateModified":"2017-08-14T21:39:01+00:00","mainEntityOfPage":{"@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/"},"wordCount":191,"commentCount":0,"publisher":{"@id":"https:\/\/www.deltamatica.it\/en\/#organization"},"image":{"@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/#primaryimage"},"thumbnailUrl":"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/venom.jpg","keywords":["security"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/","url":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/","name":"Server security: a poisonous threat | Deltamatica di Raffaele D'Elia | international Web and SEO Agency","isPartOf":{"@id":"https:\/\/www.deltamatica.it\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/#primaryimage"},"image":{"@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/#primaryimage"},"thumbnailUrl":"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/venom.jpg","datePublished":"2015-05-15T18:50:03+00:00","dateModified":"2017-08-14T21:39:01+00:00","breadcrumb":{"@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/#primaryimage","url":"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/venom.jpg","contentUrl":"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/venom.jpg","width":732,"height":915},{"@type":"BreadcrumbList","@id":"https:\/\/www.deltamatica.it\/en\/server-security-poisonous-threat\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.deltamatica.it\/en\/"},{"@type":"ListItem","position":2,"name":"Server security: a poisonous threat"}]},{"@type":"WebSite","@id":"https:\/\/www.deltamatica.it\/en\/#website","url":"https:\/\/www.deltamatica.it\/en\/","name":"Deltamatica di Raffaele D'Elia | international Web and SEO Agency","description":"Web marketing, SEO e Digital Media","publisher":{"@id":"https:\/\/www.deltamatica.it\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.deltamatica.it\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.deltamatica.it\/en\/#organization","name":"Deltamatica di D'Elia Raffaele","url":"https:\/\/www.deltamatica.it\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.deltamatica.it\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/logo-deltamatica.png","contentUrl":"https:\/\/www.deltamatica.it\/wp-content\/uploads\/2017\/03\/logo-deltamatica.png","width":300,"height":69,"caption":"Deltamatica di D'Elia Raffaele"},"image":{"@id":"https:\/\/www.deltamatica.it\/en\/#\/schema\/logo\/image\/"},"sameAs":["\/www.facebook.com\/deltamatica","https:\/\/x.com\/deltamatica","https:\/\/it.linkedin.com\/in\/raffaeledelia"]},{"@type":"Person","@id":"https:\/\/www.deltamatica.it\/en\/#\/schema\/person\/4cda3ae52960dda1733d1f34aa70997c","name":"admindmt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f10266d7bd077a7ee486c4ea105ecf227ce6a7e0fd209f2f13177026fa1a4a44?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f10266d7bd077a7ee486c4ea105ecf227ce6a7e0fd209f2f13177026fa1a4a44?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f10266d7bd077a7ee486c4ea105ecf227ce6a7e0fd209f2f13177026fa1a4a44?s=96&d=mm&r=g","caption":"admindmt"}}]}},"_links":{"self":[{"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/posts\/3372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/comments?post=3372"}],"version-history":[{"count":0,"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/posts\/3372\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/media\/3373"}],"wp:attachment":[{"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/media?parent=3372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/categories?post=3372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.deltamatica.it\/en\/wp-json\/wp\/v2\/tags?post=3372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}