Docker Desktop: Windows Installer Vulnerable to Execution of Malicious Code

An updated Docker Desktop version closes a DLL hijacking vulnerability in the Windows installer, among other things.


(Image: Da Da Diamond/Shutterstock.com)


The Windows installer for Docker Desktop can be tricked into loading attacker-supplied DLLs. The developers are countering this with an updated software version.

The vulnerability narrowly misses classification as a critical risk. “Docker Desktop Installer.exe is vulnerable to DLL injection due to an insecure DLL search order,” the vulnerability description states. “The installer searches for required DLLs in the user's download folder before checking system directories, allowing local privilege escalation by placing malicious DLLs” (CVE-2025-9164 / EUVD-2025-36191, CVSS 8.8, Risk “high”).
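A search-order flaw of this kind is only exploitable if a DLL the installer asks for is already sitting in the folder it searches first, here the user's Downloads folder. The following PowerShell check is an added example and not Docker's own code: it lists every DLL in Downloads, reports its Authenticode status, signer and SHA-256 hash, and flags anything that is not validly signed, so an unexpected DLL next to "Docker Desktop Installer.exe" is visible before the installer is run. It assumes the Downloads folder is %USERPROFILE%\Downloads; it does not know which DLL names the installer actually loads, since the advisory does not list them, so it treats any DLL in that folder as worth a look.

```powershell
# Added example (not Docker's code): report DLLs in the Downloads folder that an
# installer with an insecure search order could pick up ahead of System32.
# Assumption: Downloads is %USERPROFILE%\Downloads; pass -Downloads to override.
function Get-DownloadsDllReport {
    param(
        [string]$Downloads = (Join-Path $env:USERPROFILE 'Downloads')
    )

    Get-ChildItem -Path $Downloads -Filter '*.dll' -File -ErrorAction Stop |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName
            [pscustomobject]@{
                Name      = $_.Name
                LastWrite = $_.LastWriteTime
                Sha256    = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
                SigStatus = $sig.Status     # Valid, NotSigned, HashMismatch, UnknownError, ...
                Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '(none)' }
                # No DLL is expected to live in Downloads at all; anything that is not
                # validly signed by a publisher you recognise deserves a second look.
                Suspect   = ($sig.Status -ne 'Valid')
            }
        }
}

$report = Get-DownloadsDllReport
if (-not $report) {
    Write-Host 'No DLLs in Downloads; nothing for the installer to pick up ahead of System32.'
} else {
    $report | Format-Table -AutoSize
    $report | Where-Object Suspect | ForEach-Object {
        Write-Warning ("Unsigned or untrusted DLL in Downloads: {0} ({1})" -f $_.Name, $_.SigStatus)
    }
}
```

A clean report is not a fix: the only real remedy is the patched installer. As a precaution with any installer, running it from a freshly created, empty directory rather than from a shared Downloads folder removes the attacker-writable location from the search path that matters.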

Docker closes the vulnerability with version 4.49.0; the release notes for the new version point to the security fix. Other changes include “Docker Debug” now being free for all users. AI is, of course, also on board: Docker is now shipping cagent in Docker Desktop, which is intended to let users create, manage, and share AI agents; cagent is still considered experimental.

The updated installation package also contains refreshed components: Docker Engine is included in version 28.5.1, Docker Compose in version 2.40.2. The Nvidia Container Toolkit is up to date at 1.17.9. Docker Debug can be used in version 0.0.45.


Bug fixes include Docker Desktop no longer using expired proxy passwords while waiting for a new password to be entered. An error message regarding “chown” when starting Docker Debug is also now a thing of the past. On macOS, starting Kubernetes could hang if other Kubernetes contexts were already active. If a Rosetta installation is aborted or fails, Docker Desktop now deactivates Rosetta.

The minimum requirement for installation is now macOS Sonoma (version 14) or newer. In the release notes, the Docker developers also point out that support for Windows 10 21H2 and Windows 11 22H2 has ended. From the next release onwards, at least Windows 10 22H2 or Windows 11 23H2 will be required for installation.

Already in August, the developers had closed a critical security vulnerability in Docker Desktop that allowed malicious actors to access the host system.

(dmk)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.