VMware Patches Privilege Bug

Monday, December 9, 2013 @ 06:12 PM gHale

VMware created an update to its hypervisor products to address a privilege escalation vulnerability when running Windows XP, Windows Server 2003 and older versions of Windows as a guest operating system.

The products are VMware Workstation, VMware Fusion and VMware ESXi and ESX. The vector for the attack is a VMware device driver LGTOSYNC.SYS. The file properties for this driver describe it as “VMware/Legato Sync Driver.”

RELATED STORIES
VMware Patches Workstation Bug
VMware Patches Security Holes
VMware Fixes DoS Vulnerability
Big Security Patch from Oracle

The hypervisor itself is not exploitable through this vulnerability, but an unprivileged Windows process could elevate privilege under Windows. Presumably it could attain the privileges under which LGTOSYNC.SYS runs, but the advisory does not specify what level this is.

Users can download the updated versions here:

Earlier in November, VMware released updates for VMware Workstation and VMware Player that fix a security vulnerability that attackers could use to host privilege escalation on Linux-based devices.

VMware Workstation for Linux 9.x prior to version 9.0.3 and VMware Player for Linux 5.x prior to version 5.0.3 suffer from the issue, according to the advisory published by the company.



Leave a Reply

You must be logged in to post a comment.