VMware patches privilege escalation flaw
VMware has released new security updates to address a host privilege escalation vulnerability in VMware Workstation, Player and Horizon View Client for Windows, which – if exploited – would allow an attacker to escalate privileges on an affected machine.
The flaw, first discovered by security consultancy Nettitude, is fixed through the updates which are as follows:
Updates available include:
· VMware Workstation 11.1.1
· VMware Workstation 10.0.7
· VMware Player 7.1.1
· VMware Player 6.0.7
· VMware Horizon Client for Windows (with Local Mode Option) 5.4.2
Users and administrators are encouraged to review the VMware Security Advisory VMSA-2015-0005(link is external) and apply the necessary updates.
Other updates from VMWare this month include arbitrary code execution, privilege escalation on the host OS, denial of service and memory manipulation issues.