Pwnfest drops a nasty surprise on VMware
Drag-and-drop let users escape their VMs
VMware's rushed out a patch for the serious desktop hypervisor bug turned up at the Pwnfest hacker convention.
CVE-2016-7461 is a critical-rated out-of-bounds memory access vuln present in VMware Workstation and VMWare Fusion.
The bug scores a critical rating because it could allow a guest to “execute code on the operating system that runs Workstation or Fusion”, the company's advisory says. That's a big no-no in the virtual world: hypervisors are supposed to contain guests and keep the host OS pristine.
Here's VMware's relevant product and version info:
|VMware Product||Product Version||Running on||Severity||Replace with/ Apply Patch||Mitigation/ Workaround|
|Workstation Pro||12.x||Any||Critical||12.5.2||Disable DnD and C&P|
|Fusion Pro, Fusion||8.x||Mac OS X||Critical||8.5.2||Disable DnD and C&P|
The issue was reported by Qinghao Tang and Xinlei Ying of the 360 Marvel Team, and ace hacker “LokiHardt”.
LokiHardt, real name Jung Hoon, had already demonstrated a Microsoft Edge exploit at Pwnfest. ®