Virtualization: Just Another Layer Of Software To Patch?Virtualization: Just Another Layer Of Software To Patch?
Researchers at Core Security have issued an advisory warning users of a significant security flaw in a number of VMware desktop apps that could allow attackers to gain complete access to the underlying operating system.
February 25, 2008
Researchers at Core Security have issued an advisory warning users of a significant security flaw in a number of VMware desktop apps that could allow attackers to gain complete access to the underlying operating system."What's most relevant about this vulnerability is it demonstrates how virtual environments can provide an open door to the underlying infrastructures that host them," said Iván Arce, CTO at Core Security Technologies, in a statement.
The vulnerability affects VMware Workstation, Player, and ACE software. It is only exploitable when Shared Folders are enabled -- which is a default setting -- and at least one folder on the Host system is configured for sharing.
For enterprise users, this flaw doesn't affect VMWare's level 1 virtualization platforms, such as ESX. But on Thursday, the virtualization software maker did release a handful of vulnerabilities that do affect ESX. These flaws enable you to gain access to data and bypass security controls.
One of the first software applications I installed when I bought a MacBook Pro last summer was Parallels. After the initial amazement of running my Windows apps on my Mac wore off, I uninstalled it. I had quickly realized the level of complexity -- and risk -- I was bringing to my primary OS X operating system.
I'm much happier with Boot Camp. It runs at native speed. It doesn't hang. And I can harden it down and not worry, should it become comprised, that my primary OS also is at risk.
As for the current VMware flaw, Core Security recommends the following remedial actions:
Disable Shared Folders for all virtual machines that use the feature.
If the Shared Folders feature is required, configure it for read-only access.
If the Shared Folders feature is required, implement appropriate file system monitoring and access control mechanisms on the Host operating system.
Upgrade your VMware software to a nonvulnerable version.
(Don't you always just appreciate it when vendors suggest you UPGRADE your way out of a vulnerability?)
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingDec 12, 2023
SecOps & DevSecOps in the CloudDec 14, 2023
What's In Your Cloud?Jan 17, 2024
Everything You Need to Know About DNS AttacksJan 18, 2024
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Gone Phishing: How to Defend Against Persistent Phishing Attempts Targeting Your Organization
2022 Insurance Industry Cyber Threat Landscape Report
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report