📣 Send us your press release
Site updates every 15 minutes
Technology

Qihoo 360 Driver Vulnerabilities Allow Disabling Hardware Virtualization

CyberDagger LLC and Titan Code Solutions have identified critical security flaws in a Qihoo 360 driver that allow disabling hardware virtualization across all CPUs with a single IOCTL call.

2 July 2026
Qihoo 360 Driver Vulnerabilities Allow Disabling Hardware Virtualization

Joint reverse engineering by CyberDagger LLC and Titan Code Solutions has uncovered significant vulnerabilities in a Qihoo 360 "BYOVD" (Bring Your Own Vulnerable Driver). The driver, previously digitally signed, can disable hardware virtualization on all CPUs through a single IOCTL call, potentially impacting system security.

Analysis revealed that the driver's "authentication gate" fails when the driver is loaded independently. This "authentication gate" malfunction means the vulnerability can be exploited without requiring the driver to be part of a broader malicious payload, making it easier to weaponize.

The identified security flaws have been documented and added to the LOLDrivers catalog, a public database tracking vulnerable drivers. This discovery highlights the ongoing risks associated with drivers that possess kernel-level access and the importance of continuous security auditing for such components.

Original source: prweb.com