Docker has recently announced the release of Docker Desktop version 4.44.3, which includes important security and bug fixes for Docker Desktop on Windows, Mac, and Linux.
The most significant update in this release addresses a vulnerability identified as CVE-2025-9074 (rated critical, with a score of 9.3 out of 10). Prior to this fix, a malicious container running within Docker Desktop could potentially access the Docker Engine and launch additional containers without needing the Docker socket to be explicitly mounted.
The flaw allowed local Linux containers to interact with the Docker Engine API via the default subnet (192.168.65.7:2375), regardless of whether the “Expose daemon on tcp://localhost:2375 without TLS” option was enabled or whether Enhanced Container Isolation (ECI) was active. This meant that even with protective measures in place, malicious containers could perform actions such as creating or managing containers and images, or mounting host drives with elevated privileges.
Alongside the security patch, the update also resolves a bug related to the Docker Offload dialog, which was previously blocking user access to the dashboard, improving overall usability.
All Docker Desktop users, including developers and IT teams, should upgrade to at least version 4.44.3 as soon as possible to mitigate these risks. Docker strongly advises updating on all supported platforms, including Windows, macOS, and Linux distributions.
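To confirm that an installation no longer exposes the Engine API at the address described above, the following check can be run from inside a Linux container on the Docker Desktop host. It is an added example, not code from Docker or from the original article; the verdict names are made up for illustration, and it assumes Python 3 is available in the container image.

```python
import socket
import sys

# Address and port named in the advisory text above.
ENGINE_ADDR = ("192.168.65.7", 2375)
PING = b"GET /_ping HTTP/1.1\r\nHost: docker\r\nConnection: close\r\n\r\n"


def classify(reply: bytes) -> str:
    """Turn the raw reply to GET /_ping into a verdict."""
    if not reply.startswith(b"HTTP/"):
        return "open-unknown-service"
    head = reply.partition(b"\r\n\r\n")[0]
    status_line = head.split(b"\r\n", 1)[0].split()
    status = status_line[1] if len(status_line) > 1 else b""
    # The Engine API answers /_ping with 200 and an Api-Version header.
    if status == b"200" and b"\r\napi-version:" in head.lower():
        return "engine-api-exposed"
    return "open-http-not-engine"


def probe(addr=ENGINE_ADDR, timeout=3.0) -> str:
    """Read-only check: one GET /_ping, nothing is created or changed."""
    try:
        sock = socket.create_connection(addr, timeout=timeout)
    except OSError:
        return "unreachable"  # refused, filtered or no route
    reply = b""
    with sock:
        try:
            sock.sendall(PING)
            while len(reply) < 8192:
                data = sock.recv(4096)
                if not data:
                    break
                reply += data
        except OSError:
            pass  # timeout or reset: classify whatever arrived
    return classify(reply)


if __name__ == "__main__":
    verdict = probe()
    print(f"{ENGINE_ADDR[0]}:{ENGINE_ADDR[1]} -> {verdict}")
    # Non-zero exit lets CI or a fleet check flag unpatched hosts.
    sys.exit(1 if verdict == "engine-api-exposed" else 0)
```

A verdict of `engine-api-exposed` means the container can still reach the Engine API at that address, so the host should be upgraded to at least 4.44.3.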
For detailed information, including technical references and how to update, see the official Docker release notes.