In association with heise online

04 December 2008, 10:36

Security update for VMware

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

VMware has issued updates to fix vulnerabilities in a number of its virtualisation solutions. One problem affecting virtually all products, with the exception of older versions of ESX(i) Server, is that a malicious request sent from a guest operating system to the virtual hardware can cause the virtual hardware to write to uncontrolled physical memory.

VMWare doesn't say if this could be exploited, but the system is likely to become unstable as a result. VMware therefore rates the vulnerability as critical.

An update for the ESX and ESXi server also fixes a problem in the bzip2 (de)compression program, which crashes when attempting to decompress malformed archives and can then also cause applications linked to the libbz2 library to crash. The original manufacturer's report contains links to all of the updates for each product.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit