Virtualization

Serious vulnerabilities found in VMware

According to Network World, a set of flaws have been discovered in VMware's virtual machine software by researchers at IBM. <br /><br /> VMware has since updated its products to fix the vulnerabilities, though users who have yet to update their software face serious security risks. The root of the issue appears to stem from the DHCP server that comes with VMware.

According to Network World, a set of flaws have been discovered in VMware's virtual machine software by researchers at IBM.

VMware has since updated its products to fix the vulnerabilities, though users who have yet to update their software face serious security risks. The root of the issue appears to stem from the DHCP server that comes with VMware.

Excerpt from the article:

The DHCP software is used to assign IP addresses to the different virtual machines running within VMware, but IBM researchers discovered that it can be exploited to gain control of the computer. That could be very bad news for someone running a lot of applications on the same VMware box, said Tom Cross, a researcher with IBM's Internet Security Systems group.

Tom noted that exploiting this vulnerability could allow an attacker to gain complete control of any virtual machine on the physical server.

The DCHP flaws discovered here affect practically the whole range of VMware's products, such as VMware's ACE, Player, Server, and Workstation products running on both Linux and Windows operating systems.

Do you use VMware? What do you use virtualization for?

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

Editor's Picks

Free Newsletters, In your Inbox