VMware patches privilege escalation vulnerability

Summary:The virtualisation specialist releases an update to address a flaw in its ESX, Workstation, Fusion and View software.

VMware has released a patch for a security vulnerability in its ESX, Workstation, Fusion and View virtualisation software.

The patch fixes a flaw that could be exploited to escalate a user's privileges on a host or guest machine running Windows. Privilege escalation exploits make it possible for an application or user to perform actions within a system they would not normally have permission to carry out.

The release addresses a vulnerability in the handling of control code in vmci.sys. The flaw allows a malicious local user to use the Virtual Machine Communication Interface code to manipulate memory allocation.

More information on the vulnerability and the patch is available in VMware's security advisory.

Topics: Virtualization, Enterprise Software, Security, VMWare

About

Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.

Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.