Security researcher Felix Boulet discovered a critical vulnerability in Docker Desktop that allows hackers to escape container isolation and gain complete control of Windows systems. The flaw, rated 9.3 out of 10 in severity, requires just two simple HTTP requests from any running container to exploit.
Attackers can mount the entire C: drive into a privileged container, essentially giving them full access to the host system. The vulnerability works regardless of security settings and affects both Windows and macOS systems, though Linux remains unaffected.
Docker has released a patch in version 4.44.3. Users should update immediately to protect their systems from potential attacks.
Source: Cybernews