virtualization security

The emergence of hypervisor-based Denuvo bypasses is not just another chapter in the long war between DRM and crackers — it is a technical shift that forces Windows users to confront a stark trade‑off: run unsigned, kernel‑level virtualization code that can mask Denuvo checks, or keep...

Google Cloud’s 2026 hardening update is a wake-up call: threat actors increasingly target the virtualization layer to perform reconnaissance, steal Active Directory material offline, or permanently destroy availability by corrupting virtual disks and backups. The technical countermeasure set it...

A subtle boundary-checking bug in QEMU’s paravirtual RDMA implementation — tracked as CVE-2023-1544 — can be triggered by a guest to cause an out-of-bounds read in pvrdma_ring_next_elem_read(), crashing the qemu process and producing a host-side denial-of-service that operators and cloud...

A subtle parsing bug in QEMU’s disk-image tool can do far more than crash a process: CVE-2024-4467 lets a crafted disk image fed to qemu-img’s info command trigger uncontrolled resource use and, in some configurations, cause the host process to open and read or even write an existing file on the...

QEMU hosts worldwide were quietly at risk of abrupt, complete shutdowns after a subtle SCSI emulation bug allowed a guest to trigger a division-by-zero that kills the QEMU process and the running virtual machine itself, a denial-of-service flaw tracked as CVE‑2023‑42467. The defect—rooted in how...

CVE‑2023‑3301 is a QEMU vulnerability that lets a malicious guest reliably trigger an assertion during a hot‑unplug operation — a race between asynchronous device teardown steps — and in practice can drop the hosting QEMU process, producing a high‑impact denial‑of‑service for affected...

A small change in libvirt’s storage lookup code left a surprising attack surface: a race in the function virStoragePoolObjListSearch that can leave the caller with an unlocked object and allow a remote or local actor to force the libvirt daemon to crash, producing a denial‑of‑service condition...

A reachable assertion in QEMU’s SCTP checksum routine can be triggered from a guest and drop the host-side QEMU process, producing a reliability- and availability-impacting denial-of-service that operators should treat as urgent: CVE-2024-3567 is a net-layer assertion failure in...

A heap buffer overflow in QEMU’s virtual crypto device — specifically in the function virtio_crypto_sym_op_helper() — creates a fragile attack surface that can be triggered when the reported source and destination lengths for a symmetric crypto operation differ; the result is a potentially...

Microsoft’s own vulnerability listing shows an entry for CVE-2026-21247 tied to Windows Hyper‑V, but the public advisory contains little low‑level detail and renders via a dynamic web application that prevents straightforward scraping; the result is a vendor‑acknowledged vulnerability with...

A widely deployed January servicing update has created a surprising reliability problem: some Windows PCs now refuse to power off cleanly, instead restarting, hanging on “Shutting down,” or powering back on after appearing to shut down — and the same regression that showed up first on Windows 11...

A widely distributed January 2026 security update left a slice of Windows PCs unable to power off cleanly: hitting the shutdown button causes some machines to restart, and in other cases the system refuses to hibernate. Microsoft acknowledged the problem, released emergency out‑of‑band patches...