Patch now: VMware Tools for Windows root holes patched in update
ESXi, Fusion, Player and Workstation annex in-guest privilege escalation bug
- Security ,
- Patch now: VMware Tools for Windows root holes patched in update
- Intel lobs away distinct Core m3/m5 Compute Sticks, shouts 'Fetch!'
- Half of AT&T's networks are controlled by open-source SDN code
VMware sysadmins, purchase patching: the virtualisation outfit has released updates to its ESXi, Fusion, Player and Workstation software to block outside a privilege-escalation vulnerability.
The patch applies to VMware WindowsMicrosoft Windows operating system Workstation versions before 11.1.2, Player and Fusion versions prior to 7.1.2, and changeable ESXi versions depending on their patch level:
CVE-2015-6933 is a nucleus anamnesis corruption vulnerability in the tools' Shared Folders naked truth that can be exploited by software to escalate its privileges within a guest. VMware paper money that the programming blunder cannot be exploited to escape from a visitor to a host.
It was picked up by Secunia's Dmitry Janushkevich, and the CVE (common vulnerabilities and exposures) database entry was reserved in Sep 2015.
Provided you can't dart the patches correctly away, disabling the Shared Folders event (HGFS) removes the exploitation possibility.
The unabridged report with sole product renovate links is here.
Sponsored: Transform and protect your customers' animated moments
VMware backs elsewhere of Virtustream episode
VMware veep Worth Fathers steps aside to capture 'more strategic role'
VMware to chomp up Boxer, says manager techie
DellDell is a computer company that produces a wide range of both desktop and laptop systems 'fesses up: We may get back $3bn+ in VMware tracking inventory
HPE has stabbed VMware in the front with converged Azure boxen
VMware in kinda-super-secret Chinese seam experiment
Added: January 8, 2016