VMware has released their first security advisory of 2016 regarding an important guest privilege escalation vulnerability in VMware Tools
The Share Folders (HGFS) feature running on Windows is plagued by a memory corruption flaw that can be exploited by an attacker to escalate their privileges in the guest operating system. VMware has confirmed that the vulnerability cannot be exploited to escalate privileges from the guest operating system to the host, and host memory cannot be manipulated from the guest.
The vulnerability can be patched with 201512102-SG patches. Once the patches are applied, the VMware Tools in all Windows guests that include Shared Folders feature need to be updated. A workaround for this vulnerability is to remove the Shared Folders feature to prevent exploitation.
This short article caught my attention because I manage multiple VMware ESXI hosts at my job and will be looking into mitigating this vulnerability this week. This is a great example of why we should be keeping up with security patches in order to keep the network and devices safe especially when it affects the servers. Hacks on large companies like the SONY PSN hack could have been prevented if their servers were patched with the latest updates. With enough time and resources a hacker will get into a network, but to allow them in due to unpatched servers would be unacceptable. It's up to the system administrators to keep an eye out for these things.
No comments:
Post a Comment