Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.
To be fair, they’ve handled security excellently on their Xbox consoles. 360 still hasn’t had a software exploit after the King Kong exploit was patched (and even then, it needed a DVD drive that could play burned discs), and it was only recently that an Xbox One and Series kernel exploit was found, and that’s limited to the SystemOS VM.
Basically, shove everything in virtual machines and it’ll probably be fine. QubesOS does a very similar thing on the desktop side. If no running programs can access the host OS, then it’s very unlikely that code execution on the host OS can occur, save for the very rare hypervisor escape exploits.
On Windows, macOS, and most Linux distros, everything runs on the host OS.
To be fair, they’ve handled security excellently on their Xbox consoles. 360 still hasn’t had a software exploit after the King Kong exploit was patched (and even then, it needed a DVD drive that could play burned discs), and it was only recently that an Xbox One and Series kernel exploit was found, and that’s limited to the SystemOS VM.
Basically, shove everything in virtual machines and it’ll probably be fine. QubesOS does a very similar thing on the desktop side. If no running programs can access the host OS, then it’s very unlikely that code execution on the host OS can occur, save for the very rare hypervisor escape exploits.
On Windows, macOS, and most Linux distros, everything runs on the host OS.