Select Page

Just a few days prior to its monthly patch release, Microsoft released an emergency patch for a critical vulnerability in the Windows Host Compute Service Shim (hcsshim) library that could allow remote attackers to run malicious code on Windows computers.

Windows Host Compute Service Shim (hcsshim) is an open source library that helps “Docker for Windows” execute Windows Server containers using a low-level container management API in Hyper-V.

Discovered by Swiss developer and security researcher Michael Hanselmann, the critical vulnerability (tracked as CVE-2018-8115) is the result of the failure of the hcsshim library to properly validate input when importing a Docker container image.

images from Hacker News