VMware Patches Security Flaw in ESX, Workstation, Fusion and View

VMware recently released updates to patch a privilege escalation vulnerability in its ESX, Workstation, Fusion and View products.

“VMware ESX, Workstation, Fusion, and View contain a vulnerability in the handling of control code in vmci.sys,” the company stated in a security advisory. “A local malicious user may exploit this vulnerability to manipulate the memory allocation through the Virtual Machine Communication Interface (VMCI) code. This could result in a privilege escalation on Windows-based hosts and on Windows-based Guest Operating Systems.”

“The hyper-sized virtualisation company wasn’t terribly clear about just how much risk the flaw exposes you to, or quite how badly you might get owned as a result,” writes Sophos’ Paul Ducklin.

“But it does not appear to be a hypervisor escape bug: that is, it may not be possible to exploit the hole to leap from a guest into the host environment and thus attack the server running the virtual machines,” writes The Register’s John Leyden. “VMware’s VMCI driver is present in the host and guest Windows operating systems and, presumably, this latest vulnerability allows a user local to the guest or host ramp up their access rights within their respective guest or host environment.”

The company thanked Derek Soeder of Cylance and Kostya Kortchinsky of Microsoft for reporting the vulnerability.

Previous articleIs SSL Secure?
Next articleJawbone Hacked
Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles