Last week (November 10th to 11th) we had PwnFest, a hacking competition that took place at South Korea at the 2016 Power of Community (POC) security conference.
This year VMware was one of the many targets with VMware Workstation and VMware Fusion.
It turns out that a vulnerability has been found and exploited.
The drag and drop (DnD) functionality on those product had an out of bound memory access (buffer overflow) vulnerability that allows a guest to execute code on the operating system that runs Workstation or Fusion.
Let me be crystal clear here: This vulnerability is JUST presented on VMware Workstation and Fusion only. Nothing related to ESXi or other products.
With that said, VMware worked diligently during the past few days and on November 13th we released the fix.
Although it's not possible to exploit it remotely, they would need to have access to your computer in order to run it, I encourage all of you to install this fix.
The protected versions are:
If for any reason you could not install it, there’s a workaround to prevent the vulnerability to be exploited. Disable DnD !!!
- On the VM Settings
- Click on Isolation
- - Uncheck, Enable Drag and Drop and Enable Copy and Past
See you next!!!
