We usually limit our discussion in this blog to cybersecurity articles that would be of interest to average users, and this is not really one of those topics. But because the exploit is getting some press, and the exploit name, “venom,” is attention grabbing, we thought we would discuss it here.
The Venom exploit only matters to those of us who are using virtual machines. A virtual machine is created using virtualization software, and basically let a single physical host computer think that it is really several separate computers. Basically, this is like multiple personalities for computers. We use virtualization to run Windows 7 in the host system, and then Windows 8 and Windows 10 in virtual machines for training and testing. We also run Kali Linux and Ubuntu Linux in VMs on the same system, so althogether 5 differnt operating systems can be running on one machine at the same time. This comes in handy for examining suspicious web links or malware in a system that can be sacrificed and easily replaced if necessary.
The other place where a virtual machine may be running in your world is where you are hosting your website. Your web host undoubtedly is running virtual servers behind the scenes, and you would not necessarily know it unless you asked.
Bottom line, if your virtualization environment is running in Microsoft Hyper-V or VMWare, this issue does not apply to you. But if you are virtualizing using any version which included the QEMU code, and this includes KVM, Xen and VirtualBox, then you may have an issue which can be easily resolved by applying all updates and patches to your VM software environment.
For more information see this article on SophosShare