News

Security Vulnerability Found in VMware

By Nate Mook | Published December 21, 2005, 4:12 PM

A "very serious" security vulnerability has been discovered in VMware's line of virtual computing products, including VMware Workstation, GSX Server, ACE and VMware Player. The flaw could enable malware to effectively "jump" from the virtual machine onto the real computer running VMware software.

"Since VMware is used heavily in malware research, this is an obvious danger," says Alex Eckelberry, CEO of Sunbelt Software. VMware has posted updates to the affected products, which customers are urged to download immediately. Alternatively, users can disable the NAT service, which contains the vulnerability.

Comments

View comments by with a score of at least

Siyavash
Dec 21, 2005 - 7:40 PM

That's why I use Microsoft VirtualPC instead. =:D

Score: 0

|
Post Reply
Mark Gillespie
Dec 22, 2005 - 7:07 AM

then you are a fool.

Score: 0

|
Post Reply
Vantorax
Dec 22, 2005 - 8:50 AM

And Microsoft has always been immune to nasty vulnerabilities?

Score: 0

|
Post Reply
PC_Tool
Dec 21, 2005 - 4:51 PM

Um...

*gasp*

A NAT gateway to my host PC means the guest OS can communicate to the Host?

Shocking!

...Idiots.

Score: 0

|
Post Reply
NEOBassDUDE
Dec 21, 2005 - 4:21 PM

Thats just about the worst exploit you could have with this kind of software!

Score: 0

|
Post Reply
Kramy
Dec 21, 2005 - 4:38 PM

Good thing they patched it immediately then!

Score: 0

|
Post Reply

Latest Firefox 3.6 beta fixes 133 bugs, promises faster page load times

A once-sluggish beta testing process has kicked into overdrive, with astonishing success at finding serious bugs. Will Mozilla be able to fix all the others in time?

Apple invokes DMCA, claims Psystar is 'trafficking in circumvention devices'

In trying to close the book on possibly the last attempt at a Mac clone, Apple cites from its own landmark case...but may actually be misinterpreting it.

The fallacy of Facebook privacy

Carmi Levy | Wide Angle Zoom: If an insurance company learns something interesting about its client through the Internet, is that snooping?

Microsoft 'worked with Apple' for Silverlight on iPhone, says Goldfarb

By not making such a big deal out of trying to stream video to the iPhone, Microsoft got a big deal out of it, revealed the Silverlight product manager.

Confirmed: Office 2010 to ship in June

Two weeks after Microsoft had been expected to draw a clearer roadmap for its principal applications suite, it's finally ready to commit to the end of H1.

New EU antitrust commissioner will oversee Microsoft, Oracle+Sun, Intel issues

As one of Europe's most prominent politicians shifts positions in January, her replacement remains a question mark over technology's biggest issues.

Without its own 'iTablet' yet, is Apple missing the boat?

Steve Jobs is on record as dissing "single-purpose" devices like e-readers. But given their recent popularity, was that a mistake?

Not-so-mobile battery life: Time to force the issue

Carmi Levy | Wide Angle Zoom: If power efficiency is important when you buy a car or even a motorcycle, why shouldn't it matter for a smartphone?

Clicker.com cuts through the Web video chaos

In a world where homemade video and Hollywood movies travel the same pipeline, it's good to have a real search engine to cut through the clutter.

Microsoft's Ray Ozzie: 'Nobody's going to be 100% open'

The mobile apps ecosystems of the world may converge over time, led by apps being ported over across platforms, according to the Chief Software Architect.

A case study in improving software: What Office 2010 can learn from Notion 3

A music composition product gambles with a complete overhaul, in an effort to make headway against two well-known competitors in a tough market.