hits counter
Patch now: VMware Tools for Windows root holes patched in update

Patch now: VMware Tools for Windows root holes patched in update

ESXi, Fusion, Player and Workstation annex in-guest privilege escalation bug

Richard Chirgwin
Get email alert when this author posts
Everyday Topics
  • NBN,
  • Privacy,
  • Security ,
  • Science,
  • Google
Virgin Articles
  • Patch now: VMware Tools for Windows root holes patched in update
  • Intel lobs away distinct Core m3/m5 Compute Sticks, shouts 'Fetch!'
  • Half of AT&T's networks are controlled by open-source SDN code

VMware sysadmins, purchase patching: the virtualisation outfit has released updates to its ESXi, Fusion, Player and Workstation software to block outside a privilege-escalation vulnerability.

The patch applies to VMware WindowsMicrosoft Windows operating system Workstation versions before 11.1.2, Player and Fusion versions prior to 7.1.2, and changeable ESXi versions depending on their patch level:

CVE-2015-6933 is a nucleus anamnesis corruption vulnerability in the tools' Shared Folders naked truth that can be exploited by software to escalate its privileges within a guest. VMware paper money that the programming blunder cannot be exploited to escape from a visitor to a host.

It was picked up by Secunia's Dmitry Janushkevich, and the CVE (common vulnerabilities and exposures) database entry was reserved in Sep 2015.

Provided you can't dart the patches correctly away, disabling the Shared Folders event (HGFS) removes the exploitation possibility.

The unabridged report with sole product renovate links is here.

Sponsored: Transform and protect your customers' animated moments

VMware backs elsewhere of Virtustream episode

Deal place up with EMC collapses in face of investor intransigence
5 Comments
management management4

VMware veep Worth Fathers steps aside to capture 'more strategic role'

He's not detail of dissimilar cloudy adventure with EMC
VMware nutella

VMware to chomp up Boxer, says manager techie

'Consumer simple, enterprise secure,' device banal
Godzila

DellDell is a computer company that produces a wide range of both desktop and laptop systems 'fesses up: We may get back $3bn+ in VMware tracking inventory

Shopping the shares blop
Knife block

HPE has stabbed VMware in the front with converged Azure boxen

Ye olde HP said it was very overloaded to sell EVO:RAIL appliances
China

VMware in kinda-super-secret Chinese seam experiment

Virtzilla makes a cloud and HPC play in the Centre Country
Comments: [0] / Post comment:

Keywords: