This article is more than 1 year old
Pwnfest drops a nasty surprise on VMware
Drag-and-drop let users escape their VMs
VMware's rushed out a patch for the serious desktop hypervisor bug turned up at the Pwnfest hacker convention.
CVE-2016-7461 is a critical-rated out-of-bounds memory access vuln present in VMware Workstation and VMWare Fusion.
The bug scores a critical rating because it could allow a guest to “execute code on the operating system that runs Workstation or Fusion”, the company's advisory says. That's a big no-no in the virtual world: hypervisors are supposed to contain guests and keep the host OS pristine.
Here's VMware's relevant product and version info:
1
| VMware Product | Product Version | Running on | Severity | Replace with/ Apply Patch | Mitigation/ Workaround |
|---|---|---|---|---|---|
| Workstation Pro | 12.x | Any | Critical | 12.5.2 | Disable DnD and C&P |
| Workstation Player | 12.x | Any | Critical | 12.5.2 | None |
| Fusion Pro, Fusion | 8.x | Mac OS X | Critical | 8.5.2 | Disable DnD and C&P |
| ESXi | Any | ESXi | N/A | Not affected | N/A |
The issue was reported by Qinghao Tang and Xinlei Ying of the 360 Marvel Team, and ace hacker “LokiHardt”.
LokiHardt, real name Jung Hoon, had already demonstrated a Microsoft Edge exploit at Pwnfest. ®
Biting the hand that feeds IT
