VMware patches privilege escalation vulnerability

The virtualisation specialist releases an update to address a flaw in its ESX, Workstation, Fusion and View software.

VMware has released a patch for a security vulnerability in its ESX, Workstation, Fusion and View virtualisation software.

The patch fixes a flaw that could be exploited to escalate a user's privileges on a host or guest machine running Windows. Privilege escalation exploits make it possible for an application or user to perform actions within a system they would not normally have permission to carry out.

The release addresses a vulnerability in the handling of control code in vmci.sys. The flaw allows a malicious local user to use the Virtual Machine Communication Interface code to manipulate memory allocation.

More information on the vulnerability and the patch is available in VMware's security advisory.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All