FierceCIOFierceCIOTechWatchFierceMobileITFierceContentManagement   FierceHealthITFierceFinanceIT

Free Newsletter

About | View Sample | Privacy

VMware bug opens the door to guest-to-host exploits

April 17, 2009 — 1:37am ET | By

An exploit researcher at Immunity Inc. has crafted what the security community would coin a "guest-to-host" virtual machine exploit. By exploiting several vulnerabilities in VMware's virtualization software, a guest operating system running in a virtual machine was able to write to arbitrary memory on the Vista SP1 host, reports Computerworld.com. This bypassed protective mechanisms such as ASLR and DEP on the host operating system. In addition, the reverse can be done in order for a host system to infect a guest that it runs. 

Intel released an update to its range of VMware products late last week, which patches the security issue.

For more on this story:
- check out this security advisory at VMware
- check out this article at Computerworld

Related Articles:
VMware unveils first free, open source virtual desktop client
VMware reduces storage requirements of desktop VMs by 70 percent
VMware goes for the cloud

SHARE WITH:
Email Twitter Facebook LinkedIn StumbleUpon
Get Your FREE FierceCIO:TechWatch Email Newsletter: