Get Owned With Just Three Lines Of Python
If you use Docker Desktop, on either Windows or Mac, you are at risk unless you drop everything and update to version 4.44.3. The exploit, a mere 9.3, can evade Docker’s Enhanced Container Isolation and allow an attacker to launch additional Docker containers without needing to mount a socket. The proof of concept “binds the Windows host’s C: drive to the container’s filesystem by using two wget HTTP POST requests“. That gives them access to your whole system and with little effort they could give themselves admin on your Windows system. It is obnoxiously easy to pull off and can be rather hard to detect.
Mac users shouldn’t feel too smug, while there is still a layer of isolation protecting the system from this Docker exploit giving an attacker the ability to mount user directories without a prompt. However, the attacker will still gain complete control over your Docker install and your containers so there is plenty of opportunities for mischief.
Make sure to update as quickly as you can!