Security Advisory

[Important Security Warning] The old community version of Virtio driver may cause data loss and security risks in ECS

After testing by Alibaba Cloud, it is found that the uniqueID generated by the old community version of Virtio driver for different disks is a fixed value. When using disk management software to operate the disk file system in a multi-disk environment, this problem may cause inconsistencies between the actual effective disk and the expected disk, which may result in data loss and security risks. In other words, the formatting operation in Windows may cause the data on the non-target disk to be formatted, resulting in data loss. It has been identified that the above situation occurs when using the Server Manager to operate the disk file system in Windows Server 2012, 2016 and 2019.

The new version of Virtio driver has been updated in all regions. Update method: https://help.aliyun.com/document_detail/217543.html