VMware patches vulnerability with Windows XP, 2003 guests

Summary:When running under VMware Workstation, Fusion, ESX or ESXi hypervisors, old versions of Windows are vulnerable to privilege escalation.

VMware has issued an update for several of their hypervisor products to address a privilege escalation vulnerability when running Windows XP, Windows Server 2003 and older versions of Windows as a guest operating system.

The products are VMware WorkstationVMware Fusion and VMware ESXi and ESX. The vector for the attack is a VMware device driver LGTOSYNC.SYS. The file properties for this driver describe it as "VMware/Legato Sync Driver."

The hypervisor itself is not exploitable through this vulnerability, but an unprivileged Windows process could elevate privilege under Windows. Presumably it could attain the privileges under which LGTOSYNC.SYS runs, but the advisory does not specify what level this is.

Updated versions may be downloaded at these pages:

Topics: Security, Virtualization, VMWare


Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.