Wow serious VMWare vulnerability HOST system infection
A flaw in vmware could allow malicious code to be run on the host machine according to Sunbeltblog and citing VMWare’s knowledge base. This is pretty big since this is something that’s not considered as a threat. (Many people use vmware and other virtual machines for malware/virus/spyware investigations because they’re supposed to be isolated from the host machine.)
A vulnerability has been discovered in vmnat.exe on Windows hosts and vmnet-natd on Linux systems. The vulnerability in this component affects VMware Workstation 5.5, VMware GSX Server 3.2, VMware ACE 1.0.1, VMware Player 1.0, and previous releases of these products. The vulnerability makes it possible for a malicious guest using a NAT networking configuration to execute unwanted code on the host machine.
VMware believes that the vulnerability is very serious and recommends that affected users update their products to the new releases available at www.vmware.com/download or change the configuration of the virtual machine so it does not use NAT networking.
It even affects the recent vmware player as noted above.
Popularity: 1% [?]
Related Posts - Malicious .biz site and browser vulnerabilities This from incidents.org as well... A user visited a webpage and got redirected to hxxp://iframebiz.biz/dl/adv443.php (tt changed to xx to protect anyone from getting there...) Among other things... the page was obfuscated and many malicious bits of software loaded through javascript.... such as hxxp://iframebiz.biz/dl/adv443/sploit.anr and hxxp://iframebiz.biz/dl/loadadv443.exe and hxxp://iframebiz.biz/dl/adv443.hta and some......
- Microsoft's unpatched security bugs George Ou at ZDnet is mystified (as many of us are) at why Microsoft can't patch ALL their security vulnerabilities. Most of the unpatched vulnerabilities are considered minor (as was the 6 month old bug that in the last week was discovered could be exploited for more than a Denial......
- Sneaky TorrentSpy bundling... Sunbeltblog is talking about torrentspy, which has licensed their own version of Rufus, a bittorrent client. All well and good, but... they've decided to bundle WhenU SaveNow *(adware) with THEIR version of Rufus. This has ticked off the writers of Rufus among others. What's more, they haven't disclosed the bundling......
Related Websites - Self-Hosted Open Source Softwares The most simple way to publish a website or blogs are by using the open sources software. These software are mostly free and ready for upload at their respective websites. They are also compatible with most of the database and language system of most hosting servers. The software or weblog......
- How to Use Coin Collecting Software Finding the value of your coins is something which most people who have a coin collection are very concerned with. This is true whether you are buying a set of coins or you have had your collection for a long period of time. There have been books over the years......
- How To Make Money on the Internet - Back to Basics I have been thinking to write this post from a couple of days, but I didn't have much time to compile all the basic ways to make money online. Today it's Sunday and I got couple of hours, so I am writing this post. This post is basically for newbies......
Similar Posts
- VMware Player officially released
- Virtualization | QEmu | VMWare | Virtualbox
- VM Player vmx builder
- VMware Server
- VMware server usb devices not listed on Mandriva host