Exploit developer discovers security vulnerability in VirtualBox and publishes a full guide to exploiting it

A security researcher has not only discovered a vulnerability in the virtualization tool VirtualBox, but has released details of the exploit and a step-by-step guide to the zero-day vulnerability. Russian exploit developer Sergey Zelenyuk found a way to break out of VirtualBox's virtual environment and he chose to go public with the vulnerability because of his displeasure at the 'contemporary state of infosec, especially of security research and bug bounty'. Having told Oracle about the problem, he also tired of the 'delusion of grandeur and marketing bullshit' he experienced in the infosec community. Zelenyuk has published full details of the… [Continue Reading]