Last month we announced a critical VMware vulnerability where it was possible for a program running in a guest virtual machine to gain access to the host's complete file system and create or modify executable files in sensitive locations (that is, a true escape). The problem was due to a directory traversal vulnerability on the VMware share folder capabilities on Windows. VMware has announced a new security advisory that includes a set of updates for VMware Workstation, Player, Server, ACE, and Fusion (VMSA-2008-0005), resolving this vulnerability plus a few other relevant security issues:
The latest versions are:
Update as soon as possible! -- |
Raul Siles 152 Posts Mar 19th 2008 |
Thread locked Subscribe |
Mar 19th 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!