VMware update prevents host code execution

Discussion in 'other security issues & news' started by ronjor, Apr 14, 2009.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,764
    Location:
    Texas
    Story
     
  2. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    btw VMWare have a security announce list which you can also subscribe to. You may also search for patches by product from the support pages.
     
  3. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Thanks for this ronjor.
    Well, well, what a PITA eh.
    All the doom sayers must be happy now :p
    Suppose it had to happen :(
    If I may:
    Good comment From Blake McNeill ( LinkLogger )
    Now we might need all that other 'stuff' for the VM's :doubt:
     
    Last edited: Apr 15, 2009
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    This is a serious one, but not as serious as it sounds.

    If you do not use your guests for specifically testing of malicious code but only for purposes of education, trying new operating systems, trusted-vendor software testing etc, plus if you have win/lin combo as to host/guest, chances of getting the guest to execute something on the host is a remote one.

    Mrk
     
  5. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    I assume that is correct: i cant see anything about new *nix exploits in guest to own host??

    Just a great big pita: I suspect most VM users are virtualising Win, at home, one or two VMs, but, especially in biz = big issue as exploit is out and about. Now need to roll out patch.

    Can this be used from MS vm to own *nix host ??
     
    Last edited: Apr 15, 2009
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,047
    Not to big an issue here, already update to 6.5.2

    As to the comment about needing "all the other stuff" I have the same configuration on my VM's as the host. That way if I do test new software, it's as close to the host as possible.

    Also if playing with malware, I always shadow all my disk drives with ShadowDefender, just in case there happens to be a leak.

    Pete
     
  7. Dogbiscuit

    Dogbiscuit Guest

    VMSA-2009-0006.

    Code:
     
    VMware         Product   Running  Replace with/
    Product        Version   on       Apply Patch
    =============  ========  =======  =================
    VirtualCenter  any       Windows  not affected
    
    Workstation    6.5.x     any      6.5.2 build 156735 or later
    Workstation    6.0.x     any      upgrade to at least 6.5.2
    
    Player         2.5.x     any      2.5.2 build 156735 or later
    Player         2.0.x     any      upgrade to at least 2.5.2
     
    ACE            2.5.x     Windows  2.5.2 build 156735 or later
    ACE            2.0.      Windows  upgrade to at least 2.5.2
     
    Server         2.x       any      2.0.1 build 156745 or later
    Server         1.x       any      1.0.9 build 156507 or later
     
    Fusion         2.x       Mac OS/X 2.0.4 build 159196 or later
     
    ESXi           3.5       ESXi     ESXe350-200904201-O-SG
     
    ESX            3.5       ESX      ESX350-200904201-SG
    ESX            3.0.3     ESX      ESX303-200904403-SG
    ESX            3.0.2     ESX      ESX-1008421
    ESX            2.5.5     ESX      not affected
     
  8. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Dogbuiscuit: thanks
    posted late last night : actually made an edit but somehow got lost

    I note the VMWare advisory which looks like any OS running the unpatched VMWare is vulnerable.

    Still has to be executed somehow ??
    This is a biggie really.
    VMWare has gone beyond a threshold where now it is a lucrative target, bet there has been a lot of work somewhere re trying to break through VMs
    VMWare seems to be acting promptly which is good.
    So much for that lagoon of serenity.

    Fumbling around here:
    Any info re VM snapshots and rolling back to eradicate this. ??
    Is there any exploit loaded into the host OS if an affected VM is wiped ??
     
    Last edited: Apr 15, 2009
Loading...
Thread Status:
Not open for further replies.