SECURITY THREAT – VENOM – 365 Clients not impacted

Michael Anderson IT Security

Clients –

A new security threat is getting some headlines. It is called VENOM (Virtualized Environment Neglected Operations Manipulation).

This is a serious security hole, which allows an attacker to move from within one virtual machine, across the virtual host, and into other virtual machines.

The vulnerability affects the decade-old free and open source hypervisor called Quick Emulator (QEMU).

VMWare and Microsoft Hyper-V are not affected by the VENOM vulnerability.

Key Points:

  1. No client servers under the management of 365 Technologies are at risk for the VENOM vulnerability (all of our virtualization installs use either VMware or Hyper-V).
  2. No 365 product, including 365Phoenix, Crash Plan, or 365MailSafe operate on servers using QEMU.

Should you have specific questions or concerns, please contact our team at 1-877-343-3155. Further information on the VENOM bug can be found here: http://venom.crowdstrike.com/

We will continue to monitor the emerging threat landscape, and keep you up to date.