VMware Fixes Recently Discovered ESX Flaw
VMware was quick to respond to a flaw that resided in an important driver used by a number of its virtualization products, including ESX and View.
VMware was quick to respond to a flaw that resided in an important driver used by a number of its virtualization products. Three days after the discovery of the flaw in the Virtual Machine Communication Interface VMCI.sys driver, the company this morning released a bulletin detailing a fix that can prevent privilege escalation on Windows-based machines used to as host and guest machines running VMware's ESX,Workstation, Fusion, and View products.
According to the bulletin, the VMCI.sys driver contains some control code that can be exploited by manipulating memory allocation on target machines, which can result in the privilege escalation.
The bulletin lists each affected VMware product and a link for a specific download based on product and versions.
VMware's bulletin acknowledges two security experts, who discovered and reported the flaw independently of each other.
Michael Domingo is executive editor of MCPmag.com and hosts the Redmond Radio podcasts.