Vmware vulnerabilities have been patched

by Unallocated Author May 22, 2017

written by Unallocated Author May 22, 2017

VMware patched two security issues in the VMware Workstation Pro/Player, includes an insecure library loading vulnerability via ALSA sound driver configuration files. If the attacker was able to exploit this issue, it might allow unprivileged host users to escalate their privileges to root in a Linux host machine. Another security flaw is a NULL pointer dereference issue that exists in the vstor2 driver. An attacker with regular host user privileges can exploit the vulnerability to cause a Denial Of Service condition on the host machine.

An important security issue (tracked as CVE-2017-4915) discovered by Jann Horn of Google Project Zero and, affects the Workstation Pro and Player 12.x on Linux.

Product: Workstation Pro

Version: 12.x

Running on: Linux

Severity: Important

Replace with/ Apply Patch: 12.5.6

The other security issue (tracked as CVE-2017-4916) discovered by Borja Merino (a security researcher from Spain) and, affects the Workstation Pro and Player 12.x on Windows.

Product: Workstation Pro

Version: 12.x

Running on: Windows

Severity: Moderate

Replace with/ Apply Patch: 12.5.6

The security bugs have been patched with the release of VMware Workstation 12.5.6. VMware is advising users to update the software to the most recent version, 12.5.6, to patch both issues.

VMware

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Vmware vulnerabilities have been patched

IBM is giving their quantum computer as service in their cloud platform Blumix

Verizon Messages App was vulnerable to XSS

You may also like