News

VMware Fixes Recently Discovered ESX Flaw

VMware was quick to respond to a flaw that resided in an important driver used by a number of its virtualization products, including ESX and View.

VMware was quick to respond to a flaw that resided in an important driver used by a number of its virtualization products. Three days after the discovery of the flaw in the Virtual Machine Communication Interface VMCI.sys driver, the company this morning released a bulletin detailing a fix that can prevent privilege escalation on Windows-based machines used to as host and guest machines running VMware's ESX,Workstation, Fusion, and View products.

According to the bulletin, the VMCI.sys driver contains some control code that can be exploited by manipulating memory allocation on target machines, which can result in the privilege escalation.

The bulletin lists each affected VMware product and a link for a specific download based on product and versions.

VMware's bulletin acknowledges two security experts, who discovered and reported the flaw independently of each other.

About the Author

Michael Domingo has held several positions at 1105 Media, and is currently the editor in chief of Visual Studio Magazine.

comments powered by Disqus

Virtualization Review

Sign up for our newsletter.

I agree to this site's Privacy Policy.